Information Security

Secure Cloud Hosting

InReach Solutions emphasizes performance and security by leveraging a cloud-first, AWS hosted environment. This infrastructure adheres to industry best practices, including HIPAA compliance and robust data security measures, ensuring that client data is safeguarded at all times.

  • Features state of the art physical, network, and host-based security systems

  • Data is stored within the continental United States

  • Continuous monitoring of our infrastructure environment and workstations proactively tracks critical system metrics, detects anomalies, and sends real-time notifications to our team, enabling rapid response to potential issues before they impact service.

  • Monthly patching of servers and workstations for security vulnerabilities.

Data Loss Prevention & Privacy

InReach Solutions uses best practices and policies to prevent data loss.

  • All media, including data stored on physical and virtual devices, is encrypted at rest and in transit to protect sensitive information from unauthorized access. This encryption is applied across all storage systems, safeguarding data integrity and confidentiality.

  • All critical data and resources are backed up nightly and securely stored in a multi-region setup, ensuring that data remains accessible and recoverable even in the event of a regional disruption.

  • Regular testing of backup procedures verify the integrity of the backups and recovery procedures are effective and efficient.

  • Customer data is isolated to prevent unauthorized access between sites.

  • Business continuity and Disaster Recovery policies and plans are established, reviewed, and tested periodically.

  • Our Privacy Policy is available at https://www.inreachsolutions.com/privacy-policy.

Application Security Controls

SAM’s security features are foundational to the application.

  • Strong password requirements and Multi-factor authentication (MFA) measures are enforced to validate a user’s identity prior to access to the system. Customer settings to enforce password changes are available.

  • User Permissions can be established to limit user access to data within the system.

  • Audit and Modification reports are available to track user behavior.

  • Forced user logout after period of inactivity.

Awareness Training & Access Controls

All employees are required to complete annual security training to remain up to date on best practices, emerging threats, and their roles in maintaining a secure environment. This regular reinforcement helps build a workforce well-equipped to identify and mitigate security risks.

  • Background checks for those with access to the data.

  • Annual HIPAA and security training for staff.

  • Restrict access on a need-to-know basis.

We prioritize the security of our systems and client data by maintaining access controls to limit user privilege to confidential information on a need to know basis for our team, minimizing exposure to sensitive information and requiring Multi-Factor Authentication (MFA) across all systems.

Incident Management

InReach Solutions is committed to appropriately protecting all information relating to its clients and their data, as well as protecting its confidential business information including information relating to its employees.

  • Policies and procedures are maintained and regularly reviewed to clarify response procedures.

  • Mitigation procedures are proactive by having SEIM, EDR, and MDR solutions implemented on all servers and workstations. These solutions alert our Incident Response team of potential threats for investigation.

  • In the event that a security incident is declared, our Incident Response team will manage the investigation. If any customer data were to be affected, customers will be notified following established policies.