| Hardware Security |
Two firewalls protect our file server. The first firewall is provided by our internet service provider (ISP) which serves as our first line of defense from the general public. No entity (not even us) can receive e-mail unless connected directly to our ISP and has the correct user passwords. The second firewall is installed at our file server which serves as our second line of defense from malicious subscribers of our ISP. This firewall redundancy ensures our file server security.
Because no internet system is absolutely secure, we opted not to use the 24 hour / 7 day secure FTP operation. To circumvent possible attacks from web hackers, we decided to make use of the best security available -- to physically disconnect our file server from the internet. Whenever an e-mail arrives, our ISP automatically notifies us via pocket pagers. Upon notification, we connect into our ISP and retrieve the e-mail. After retrieval, our file server is physically disconnected from the internet. This physical disconnection prevents computer viruses or trojan horses from dialing directly into the internet. Also, the pocket pager approach reduces the time an e-mail resides in the ISP's e-mail server thus significantly reducing the risk from "man-in-the-middle" type of attacks. As a result, our file server, e-mail, dictation files, as well as medical records archives are completely safe from unauthorized access.