What does it mean to have "worry-free" security?

Comprehensive protection across 7 areas of data and physical security
Data replication at the server and client level
Security measures that facilitate regulatory compliance
Third-party audits to validate our controls and processes

What does it mean to have "worry-free" security?

Intermedia invests considerable human and capital resources to ensure levels of security and protection in which you can have full confidence. We’re SOC 2 audited, which attests to our high standards for security—including product security, network security, infrastructure security and privacy protection.

Validation for our security and protection claims

Any cloud provider can claim to be secure. We have consulted with a number of independent sources to validate the claims we make.

SOC 2 audited
Intermedia's SOC 3 Security and Availability Report
Intermedia's SOC 3 Security and Availability Report

Intermedia has a SOC 3 audit report from an independent auditor who has validated that, in their opinion, our controls and processes were effective in assuring security during the evaluation period.
Get Intermedia’s SOC 3 Security and Availability Report. For other Intermedia SOC reports, please contact your Intermedia Sales representative.

SSAE 16 Type II-audited datacenters
SOC 1 Type 2 and SOC 2 Type 2-audited datacenters
SOC 1 Type 2 and SOC 2 Type 2-audited datacenters

Intermedia’s datacenters are audited to the SOC 1 Type 2 and SOC 2 Type 2 standard, which validates the provider’s commitment to the trust principles of security, availability, processing integrity, confidentiality, and privacy.

Financial regulatory compliance
Financial regulatory compliance
Financial regulatory compliance

For customers in regulated businesses, Intermedia facilitates compliance with FINRA, SEC, SOX, and many other regulations.

HIPAA compliance
HIPAA compliance
HIPAA compliance

Intermedia services are designed to meet the privacy and security requirements for Protected Health Information (PHI). Our policies, procedures, technologies and services are audited by a third-party to validate conformance with HIPAA privacy and security requirements, and Intermedia will execute a HIPAA Business Associate Agreement with Covered Entities.

PCI-DSS
PCI-DSS
PCI-DSS

Our payment processing system has passed the strict testing procedures necessary to be compliant with the PCI Data Security Standards (PCI DSS).

Privacy protection and data protection frameworks
Privacy protection and data protection frameworks
Privacy protection and data protection frameworks

Intermedia maintains a comprehensive privacy policy. In addition, we are registered with the US Department of Commerce as compliant with US-EU and US-Swiss Safe Harbor frameworks, which were created to bridge the gap between US and EU/Swiss data protection and privacy standards. All our EU and US customers benefit from this level of protection.

CSA STAR Level 1
CSA STAR Level 1
CSA STAR Level 1

The Cloud Security Alliance (CSA) is an organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA manages the Security, Trust, Assurance, and Risk (STAR) Registry, which lists cloud organizations who have been reviewed and approved by CSA. Intermedia has achieved CSA STAR Level 1 by submitting a Consensus Assessments Initiative Questionnaire (CAIQ), and is listed in the STAR Registry.

ISO 27001 Certification
ISO 27001 Certification
ISO 27001 Certification

Intermedia’s cloud communications platform has ISO 27001 certification for information security best practices that meet the stringent requirements outlined by an Information Security Management System (ISMS). You can download Intermedia's ISO Certificate of Registration here.

Security and protection across seven pillars

Click each cell below to see comprehensive security details for each of our seven security and protection pillars.

Data security, including encryption and access control
Server-side and client-side backups
Endpoint protection for PCs, mobile devices and voice services
Identity protection
Infrastructure security
Privacy and control over data
Security management
Email encryption
  • In transit: TLSv1.2
  • Advanced encryption with Policy Based Email Encryption
  • At rest: Bitlocker® (available on some versions of Exchange)
SecuriSync® file sharing and backup
  • In transit: SSL/TLS
  • At rest: Account-level encryption keys 
AnyMeeting Video Conferencing & Webinars
  • Secure WebRTC
Intermedia Unite® Softphone
  • Secure WebRTC
Intermedia Unite® Voice encryption
  • Signaling: TLS (upon customer request)
Email Archiving
  • In transit: SSL
  • At rest: AES-256
Exchange Plus backup
  • Intermedia retains at least 2 copies of your data
  • These copies reside on physical disks in separate corners of our database quadrant
  • This ensures service availability in the event that a storage unit experiences a failure
  • This design makes it highly unlikely that corrupt data will replicate from one copy to another
Outlook Backup
  • Customer-manageable backups
  • Customize-able Backup Schedules for reoccurring backup jobs
  • Retention policy options to help manage storage
  • Available options to download and upload PST backups from HostPilot® or through any FTP clients
SecuriSync file sharing and backup
  • Customer data is stored on EMC Isilon NAS which consists of 2 sets of 3 redundant storage nodes
  • Data is configured for N+2:1 redundancy to sustain both disk drive and node failures
  • There at least 2 copies of each customer file
  • Data is additionally protected by snapshots which are scheduled once a day
  • Each snapshot is retained for a month
Email Archiving
  • 3 copies of archived data, located in multiple datacenters
Lync®/Skype for Business®:
  • PC clients with conversation history enabled can use Outlook Backup to backup their conversations
SecuriSync:
  • Real-time sync/backup of all files in the My SecuriSync folder
  • Versioning - real-time backup of all subsequent changes to files
  • Recycle Bin for content protection (policy: prevent permanent deletion of files by end-users)
  • Simple Admin (Admin File Management) or end-user driven restore
    • Lost/Damaged device: Install SecuriSync and authenticate using AD creds. All files will be automatically restored to the device
    • Deleted Files: Restore deleted files from SecuriSync Recycle Bin. Permanent file deletion can be disabled by administrators
    • Old Versions: Restore any version from file version history
Email
  • AntiSpam (Advanced Email Security)
  • AntiVirus (Advanced Email Security)
  • White/Black lists (Advanced Email Security)
  • Anti-malware/anti-phishing for URLs (Intermedia LinkSafe™)
  • SecuriSync: remote wipe of PCs
Two-Factor Authentication for Intermedia Unite® Desktop App

The Desktop App from Intermedia allows users to use their Unite business phone system while working remotely or while on the go. These apps require a login and password and also require 2-factor authentication for access.

Mobile security (MDM)
  • ActiveSync and Blackberry® remote device wipe
  • Device management polices to enforce password requirements
  • Device timeout period
  • Device encryption
  • Other message settings, including maximum retention time on device, size and attachment restrictions
  • SecuriSync: remote wipe of data on mobile devices and PCs
  • Advanced: Intermedia offers integration with well-known MDM vendors (some only available with Private Cloud)
Two-Factor Authentication for Intermedia Unite® Mobile App

The Mobile App from Intermedia allows users to use their Unite business phone system while working remotely or while on the go. These apps require a login and password and also require 2-factor authentication for access.

Spam Caller Protection in Intermedia Unite®
  • Detection: Sophisticated call detection automatically recognizes robocalls and scammers.
  • Alerts: Warns users of spam and fraudulent calls before they answer a call from any Unite-enabled device.
  • Blocking: Intermedia Unite can block spam and fraudulent callers from reaching users.
Secure handset protection

To verify that phones and devices are secure from cyber threats and attacks like eavesdropping, we require strong passwords on all SIP endpoints.

Internally, Intermedia maintains systems and processes to detect and respond to any suspicious and/or malicious activity within our corporate network.

Ability to selectively enable service for end-users
HostPilot
  • Role-based admin access for control panel
  • Two-factor authentication for an extra layer of security
  • IP white listing/restrictions for accessing control panel
Email
  • Granular sharing permissions
  • Custom IP restrictions (Private Cloud only)
  • Email retention policy
SecuriSync
  • Granular sharing permissions
  • Password-protected web-links
  • Mobile app pass-codes (iOS/Android™/BlackBerry)
  • Admin file management (provides admin visibility into user content)
  • External sharing policies (Pre-approve vs Manually approve external sharing)
  • User decommissioning (By disabling SecuriSync for an end-user, an admin restricts future access and retains all user files)
  • Endpoint decommissioning
SAML SSO (Security Assertion Markup Language Single Sign-On)
  • Allows connection to practically any SSO provider on the market (i.e., Microsoft, Google, Okta etc.)
  • Once setup is complete, users will only have to provide their login credentials once to stay signed into Intermedia services
  • Specific users can be excluded from SSO privileges and be required to provide their login credentials with each sign-in
Password management

Password management is very granular, based on user role.

  • We support password management options for HostPilot, Partner Portal Admins and Active Directory Users.
  • Both users and admins can reset their passwords, with the new one sent via cellphone or email address
  • "Reset password on next login" available for both Admins and Users. (Admins are able to define who will have to reset password on the next login.)
  • HostPilot admins have the following options:
    • Restrict password management by users themselves
    • Sync passwords from custom Active Directory based on the UserPilot.
  • "Password meter" functionality for measuring password complexity/security is available
  • To comply with CPNI regulations, password changes trigger an email notification to the owner of the password
  • During onboarding, passwords are sent to admins in an encrypted file; the code to open the file is sent separately via SMS
Password policies
  • Admins, partners and Active Directory users can be subject to password policies
  • Admins can apply a default policy or build custom policies
  • The following fields are available for customization
    • Minimum password length
    • Password expiration period
    • Allow/deny reuse of existing passwords
    • Lock user after several wrong login attempts
Login experience
  • Captcha on the login page (only select pages)
  • Prevent dictionary attacks by locking users after several wrong attempts
Privileged user management
  • Internal administrator activities are logged and internal administrator access is routinely reviewed
  • HostPilot allows customers to review logs of admin activity on their own account
Multi-tenant platform security
  • Multiple redundant, enterprise-class firewall systems
  • Multiple redundant carrier grade intrusion protection systems (IPS)
Perimeter/network security
  • Intrusion prevention and detection
  • Network access control
  • Enterprise-class firewalls
Physical security
  • Closed-circuit TV
  • Secure access policies
  • Security guards
Employee security
  • Background checks
  • Two-factor authentication
  • Role-based access control
  • Restricted server access
DDoS protection
  • Redundant internet service providers
    • Mitigates the potential impact of DDoS attacks
  • All Intermedia services are protected by 24x7x365 DDoS mitigation services from leading provider
Account protection

Stringent caller identification procedures authenticate a caller’s identity during support and service calls

Secure Email Gateways

Every email sent and received by Intermedia is filtered and vetted by our secure email gateways

Incident response

Alerting and monitoring within our security operations center

Dedicated, full-time security staff manage all aspects of security, including:
  • Log correlation and event monitoring
  • Incident response
  • Managing intrusion detection systems (both host and network)
  • Perimeter defense
  • Service and architecture testing
  • Source code reviews
  • Vulnerability Management
Privacy protection and data protection frameworks

Intermedia maintains a comprehensive privacy policy. In addition, we are registered with the US Department of Commerce as compliant with US-EU and US-Swiss Safe Harbor frameworks, which were created to bridge the gap between US and EU/Swiss data protection and privacy standards. All our EU and US customers benefit from this level of protection.

“Mining” identifiable customer data for 3rd-party advertising

Identifiable customer data never gets “mined” to serve third-party ads.

Customer choice of data location
  • Customers can choose their primary datacenter region to eliminate lag or comply with national regulations
  • Customers can locate their data in two datacenters to eliminate lag
Data jurisdiction/residency

Data storage location will not move across national borders without your consent.

Protection against surveillance

Intermedia does not provide government agencies with direct access to our network, applications or systems. When we do receive subpoenas, we defend our customers’ right to privacy by ensuring that every request complies with the law and by only providing the minimum required information.

Private cloud availability

Private clouds are available for customers that want customized security or integrations.

Security information and event management
  • Logs are centrally collected from our services
  • Automated monitoring and alerting is performed to identify suspicious events
Event notification
  • Account contact gets notified when critical security preferences are changed (coming in next release of HostPilot)
Event log analytics tool
  • Event log of changes made on account from HostPilot/Partner Portal.
Audit trails
  • SecuriSync: Admins can view detailed event logs for all file activity
Internal security practices
  • Threat intelligence
  • Vulnerability management
  • Patch management
  • Network and application penetration testing
  • Code reviews (automated and manual)
  • Network forensics
  • Incident response
RESOURCES
ALL RESOURCES

Request a Quote

Speak with one of our experts about your cloud needs

Request a call back
or

Start your Worry-Free Experience now