Security Features

Hosting

ReadyOp uses Amazon Web Services (AWS), an industry leader in secure, reliable cloud computing. Specifically, all US-based ReadyOp clients are hosted through AWS GovCloud. This is a specifically dedicated region of Amazon’s Web Services allowing US Government agencies and contractors to move sensitive workloads into the cloud while maintaining regulatory compliance. For US-based clients, ReadyOp’s infrastructure is physically and logically addressable by US persons only, supporting the following security controls and certifications: FIPS 140-2, ITAR, HIPAA, FISMA, SSAE 16/SOC1 (formerly SAS-70 Type 2), ISO/IEC 27001, and PCI DSS Level 1. International clients are hosted through the AWS non-US Government secure services.

Secure

Each ReadyOp site is secured using SSL/TLS, the industry standard in secure communications over the Internet. SSL v3, TLS 1.0, 1.1 and 1.2 are used based on the client’s browser. This provides the same level of authentication security and encryption of communication, preventing eavesdropping, tampering and forging as required by financial institutions and government regulations for FIPS 140-2 compliance.

Controlled Access Lists

Each agency decides exactly who will have access to its website and the level of interaction authorized for each person. Login access is logged and can be restricted or revoked at any time. The host agency’s Agency Administrator and not Collabria gives each person who is granted access the proper credentials.

Agency Administrator

Each agency designates its own Agency Administrator as the control person for that agency. The agency administrator is responsible for maintaining the authorized list of users for his/her agency and for issuing login/security credentials.

Users and Administrators

The agency administrator for each agency designates the persons provided credentials to the agency’s site. Users are persons who can log into that agency’s ReadyOp site, but a User is not able to see phone numbers or email addresses of persons in the agency’s Roster. Administrators can see the contact information, as they are the primary persons responsible for entering and maintaining the personal information for the persons in the Roster.

Chat, Voice, Video

ReadyOp’s secure chat feature is encrypted end-to-end using industry standard SSL/TLS. Voice utilizes the SPEEX codec (at ~11kbps), while video uses H.264 (at ~64kbps), allowing audio and video conference calls over even cellular network connections.

Access

Direct access to the ReadyOp software/database is restricted to authorized Collabria personnel only, requiring authentication over private VPN, as well as 4096-bit encrypted authentication.