Virtual Case Management™ (VCM) was designed with security at its core from the very way the coding was written. Every aspect of VCM was scrutinized with retrospect to the security infrastructure. Security professionals know that security is best done as layers of protection and there are no products offering 100% protection. However by incorporating layers of protection and intertwining every facet around security you will create the very best protection available. Virtual Case Management™ offers many layers of protection but the most noticeable are the encryption capabilities, government grade biometrics integration (MINIX) and the server/hosting security solutions (SCIF) standards that surpass DOD Standards.

Encryption Capabilities:

Virtual Case Management™ utilizes VeriSign as its encryption technology and we do this for one apparent reason…they are the best at what they do. We had the decision of using 128bit or 256bit encryption and to save money with a competitor or spend twice as much to obtain the very best encryption available. We spent the money…the quick easy syndrome always “costs” more. VCM is committed to only offering the highest quality most secure case management solution available.

Since VeriSign is the leading secure sockets layer (SSL) Certificate Authority in the world; enabling secure e-commerce and communications for Fortune 500 companies, governments, and 40 of the largest banks in the world….the decision was easy.

Having this kind of trust gives you the confidence in knowing your entire transaction from the log-in to the log-out is completely secure, with the noticeable trusted display of the VeriSign Secured Seal and the Green Ok Status Bar within the web sites URL address. Every SSL Certificate is created for a particular server in a specific domain for a verified business entity. Like a passport or a driver’s license, an SSL Certificate is issued by a trusted authority, the Certificate Authority (CA). Each SSL Certificate contains unique, authenticated information about the certificate owner. Every SSL Certificate is issued by a Certificate Authority that verifies the identity of the certificate owner.

Secure Sockets Layer (SSL) encryption works by encrypting sensitive information during online transactions. An SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a Web browser points to a secured domain, a Secure Sockets Layer handshake authenticates the server (Web site) and the client (Web browser). Virtual Case Management™ incorporates 256-bit encryption, protecting all transaction data; however encryption can fluctuate based on the web browser; so we suggest using Microsoft’s Internet Explore Version 7 or above…which allows for 256-bit encryption.

Virtual Case Management™ only offers SSL encryption if we are the hosting provider. If you host VCM locally on your server, we suggest investing in a SSL secured certificate license to protect your data.

Biometric Capabilities:

Virtual Case Management™ requires that you enter in the company name, user name, and password by default in order to access the system. However we also offer the ability for the end user to bypass the typing of a password by entering in a biometric sample. This also assists in the protection against many hacking utilities…i.e. Dictionary Attack Utilities, etc.

By locating standards set by the NIST (National Institute of Standards & Technology), PIV (Personal Identity Verification), MINEX (Minutiae Interoperability Exchange Test) and the FBI’s EFTS (Electronic Fingerprint Transmission Specification), we are able to offer you the most intelligent security solution. After conducting extensive research we located the leader in offering MINEX certified government grade biometric readers and software algorithms. SecuGen… an NIST certified, MINEX-compliant template extraction and matching algorithms security solution; that has been tested and approved for use in the U.S. government’s Personal Identity Verification PIV program as defined by the FIPS 201 standard. SecuGen’s template extraction and matching algorithms, to include the Hamster IV fingerprint reader are listed on the U.S. GSA’s FIPS 201 Approved Products List.

Virtual Case Management™ took this approach due to only wanting to offer the utmost security…and most consumer biometric readers are not MINEX certified compliant.

All readers are solidly engineered with optic parts tightly assembled…allowing for the accidental dropping of sensors without the need for re-calibration. The sensor prism is virtually indestructible, made of a very hard quartz like material that resists scratches, stress, and corrosion. Every scanner has been tested in subfreezing, arid, and tropical climates…to include; electrostatic discharge (ESD), Impact, vibration, and shock. All biometric scanners have been tested to resist exposure from contaminants and corrosives such as sweat, dirt, oil and cleaning agents. Virtual Case Management™ stands behind every biometric scanner…where if there is any defect or fault in the performance of the sensor; we will gladly replace it for free within one year of purchase. (If your organization requires you to accept different readers or a different type of biometric sample…i.e. iris, voice…etc. inquire at support@virtualcasemanagement.com) We offer biometric scanning devices as stand alone units or readers incorporated into keyboards and mice.

In an independent test of major biometric products, carried out by International Biometric Group, SecuGen's sensor and algorithm achieved 0.0% false acceptance and 0.0% false rejection rates. An innovative optic design yields practically distortion-free, high-contrast images from which data points are used for enrollment and matching. SecuGen's patented SEIR™ (Surface Enhanced Irregular Reflection) optic technology method eliminates the majority of distortion and image quality problems that are common with traditional optical sensors. Click here to learn more about the advantages of SEIR optic technology SEIR Optic Technology whitepaper (PDF)

Who else uses SecuGen Sensors and algorithms?

Customers from 60 countries including; Fortune 500 companies, leading security and biometric companies, original equipment manufacturers, the financial and healthcare industry and many government offices.

What else you will want?

SecuDesktop Pro is an advanced biometric technology to safeguard desktop and laptop PCs against unauthorized intrusion. SecuDesktop Pro’s meets U.S. government biometric standards with new critical technologies that comply with FIPS 201. The fingerprint authentication “module” integrates seamlessly into the Windows logon process allowing a user to logon with his or her fingerprint, now supporting Microsoft Vista. Download SecuDesktop Pro during your checkout…

Hosting Capabilities:

Virtual Case Management™ offers two types of hosting services; very secure and extremely secure. The emphasis on security compliance has led us to physical security and electronic espionage security; where most hosting providers provide some security with basic firewalls…however we located ServerVault. Virtual Case Management™ utilizes various hosting providers which are all secure against power outages, hurricanes, disasters, and computer theft. However, Virtual Case Management™ also offers (for an additional fee) compliant IT Hosting Security for Federal Agencies, that surpass security requirements by the Department of Defense (DOD).

Virtual Case Management™ and ServerVault’s processes and infrastructure are designed, built and maintained to the highest levels of security. For systems with the highest security requirements, the traditional model of facilities that are open to multiple customers, contractors and vendors as well as unscreened, uncertified electricians, drywall contractors, locksmiths and cleaning crews is obsolete. Every aspect and detail of every square inch Server Vault’s data facility, from street to sensor to server, must be scrutinized and monitored with extraordinary discipline. Every facet of ServerVault’s facilities has been designed with security and resilience as the prime factors.

Servers are protected by one of the largest “vaults” in the nation along with physical security and armed guards. In fact, ServerVault’s physical security exceeds the Department of Defense standards for SCIF (Sensitive Compartmented Information Facility). These hosting services are specifically engineered to help federal agencies and commercial entities achieve the most stringent security posture as well as comply with a wide range of IT security regulations, including FISMA, DITSCAP, Sarbanes-Oxley and HIPAA.

ServerVault™ has passed compliance audits and holds active certifications (Authority to Operate - ATOs) for a number of security-sensitive federal agency applications. ServerVault not only provides the highest levels of physical, procedural and logical security, but does so in a way that helps federal agencies comply with the Federal Information Security Management Act (FISMA).