Security by Design

CaseFile Connect is engineered to safeguard sensitive legal and case information through a layered security program primarily aligned with NIST SP 800-53 and leveraging a Zero Trust Architecture. Our controls span access, identity, system protection, monitoring, and continuous improvement to help maintain strict data security practices required for use inside correctional facilities.

Data Encryption

Documents and multimedia data loaded into the CaseFile Connect solution are secured and encrypted, both at rest and in transit. All encryption uses open-source encryption mechanisms, designed and implemented by information system security experts.

• 256-bit AES encryption and TLS
• PKI for trusted key management
• ISO/IEC 27001 and NIST SP 800-53
• HIPAA, PCI and PII aware and compliant
• Data maintained in U.S.
• Corp and Ops systems segregation

Access Control

Access to the CaseFile Connect application is tightly controlled so that only authorized users can reach it.

• Role-based access
• Chain-of-custody and ACLs maintained
• Strong password and MFA policies enforced
• System time-out policies
• Access available only via HTTPS
• Hierarchical security paradigm
• Employee background checks
• Strict internal security policy enforcement

System & Data Protection

CaseFile Connect employs layered defense mechanisms to ensure all systems and data remain secure, resilient, and protected from unauthorized access or compromise.

• Hardened system architecture with defense-in-depth controls
• Continuous protection of data in transit and at rest
• Secure boundary protections, including firewalls and encrypted channels
• Automated system updates and security patching
• Protection against unauthorized data transfer or external connections
• Secure session controls and enforced timeout settings
• Isolation of critical services and controlled system interactions
• Active monitoring to prevent, detect, and block malicious activity

Audit & Accountability

The CaseFile Connect platform implements comprehensive auditing capabilities to ensure all system activity is monitored, recorded, and preserved in accordance with NIST requirements.

• Detailed audit logs for user actions and system events
• Immutable logging with protected audit trails
• Real-time monitoring and alerting for anomalous behavior
• Timestamped records synchronized with authoritative time sources
• Role-based access to audit information
• Automated log review and retention policies
• Secure storage and protection of audit data from unauthorized modification
• Support for incident investigations and forensic analysis

Identity & Authentication

CaseFile Connect enforces strict identity verification and authentication measures to ensure only validated users can access protected information and system resources.

• Unique user identification with role-based profiles
• Multi-factor authentication (MFA) required for all access
• Strong password creation, rotation, and reuse policies
• Secure session initiation with automated timeout and reauthentication
• Controlled management of credentials and authentication tokens
• Protection of identifiers and passwords in transit and at rest
• Verified identity proofing for new accounts and access changes
• Continuous monitoring for unauthorized access attempts or anomalies

System & Information Integrity

CaseFile Connect actively safeguards system integrity and ensures the accuracy, reliability, and trustworthiness of all information processed within the platform.

• Continuous monitoring for vulnerabilities, threats, and abnormal activity
• Automated detection and alerting for suspicious or unauthorized changes
• Regular application of security patches and updates
• Integrity checks to validate data accuracy and prevent corruption
• Malware protection with real-time scanning and prevention controls
• Strict controls to prevent unauthorized code execution or system modifications
• Timely remediation of identified security issues
• Safeguards to ensure information remains complete, authentic, and unaltered

Awareness & Training

CaseFile Connect ensures all personnel understand their security responsibilities and are trained to recognize, prevent, and report security risks.

• Mandatory security awareness training for all employees
• Role-specific training for users with elevated privileges
• Ongoing education on emerging threats, phishing, and safe practices
• Regular testing and reinforcement of security concepts
• Documented policies outlining user responsibilities
• Continuous improvement of training content based on trends and incidents
• Verification that all personnel acknowledge and follow security procedures

Incident Response

CaseFile Connect maintains a robust incident response capability to rapidly identify, contain, and remediate security events while ensuring minimal disruption and full accountability.

• Documented incident response plan aligned with NIST SP 800-53
• Continuous monitoring to detect potential threats and anomalies
• Formal escalation procedures for security events
• Rapid containment, eradication, and recovery processes
• Dedicated response team trained in investigation and forensic best practices
• Detailed incident logging and root-cause analysis
• Post-incident reviews to strengthen controls and prevent recurrence
• Communication protocols to ensure stakeholders are informed when necessary

Security Questions

Contact us for more information about CaseFile Connect security practices and architecture and how we ensure safety and security inside correctional facilities.
