CloudOCR Security

Cloud OCR Process Flow and Security Whitepaper

CloudOCR was designed to be a transactional system with no long-term storage of documents or data. Its sole purpose is to extract information, verify the data captured with human validation of the errors, and return the documents and associated data securely to the organization that submitted the file.

Inputs

Email

Email addresses that have been whitelisted submit emails to CloudOCR. Outlook or Exchange rules can be configured to send the email and its attachment(s) to a special email inbox. The attachments are then stripped from the email and processed through CloudOCR.

Security comments

  • Your company will receive documents at your organization’s email. These emails are then forwarded via email to CloudOCR while mirroring the same security with which you received the email at your organization’s email. The email(s) will then be encrypted and protected once in the CloudOCR system.
  • The original email is housed in the Sent folder of the account that sent the email to CloudOCR. This is how data is backed up in real time.
  • Once the items within the email have been downloaded, CloudOCR purges all the data from our system. The purging of the data is made possible by the original email being housed in your organization’s Sent folder. Essentially, all data being processed by CloudOCR are copies.

Secure Management Tool

The Secure Management Tool (SMT) allows documents to be uploaded from a secure server folder location.

  • The SMT watches the folder and sends the data to the CloudOCR service using an encrypted connection.
  • The SMT can upload an XLS template Vendor File to load the vendor information.
  • The SMT tool can be configured to download the processed files with the metadata using the same technique to a folder where further processing can occur to load the files into the core application.

Security comments

  • The documents are encrypted in transit with a unique encryption key per CloudOCR account. There are no risks from other clients that use the system.
  • The files are uploaded and downloaded in an encrypted state to the server where the SMT is configured.
  • Files are encrypted at rest. 

CloudOCR Web Services

Web services are available for clients to securely connect and perform necessary processing activities.

Server Infrastructure

The servers are stored in AWS.  These servers are actively managed and maintained by the CloudOCR team.  We have two VPNs configured. 

  • VPN1 is used for the external facing web servers.
  • VPN2 is used for the backend servers to communicate securely with the Web Server and the database. 

 

External Interfaces

The design of CloudOCR was developed to not have any customer-facing interfaces on the same servers as the production data. The web site and portal are segmented out and use the web services developed by CloudOCR to access the information for the web site. There are no direct authenticated sessions to the backend servers where data is stored and processed.

Server Access

Servers are only accessed by our lead development resources. Access is strictly controlled through a whitelisting of the IP address and multi-factor login control with the AWS portal.

Data Security

Due to the transactional nature of the service CloudOCR provides, data security and control is of the highest importance.

Here are the policies and processes that make up the CloudOCR Data Management Program:

  • Files that are uploaded are deleted within one day after being downloaded.
  • Data is delivered back to the client via secure encrypted connection.

Due to the transactional nature of the service CloudOCR provides, data security and control is of the highest importance. Listed below are the policies and processes that make up the CloudOCR data management program.

  • Files that are uploaded are deleted within 18 hours after being downloaded.
  • Metadata is stored for batch control and processing audit logs for 1 week.
    • There are no interfaces to access the extracted data via the web services, portal, or any other means. The only way data can be exposed would be to have direct access to the SQL server and know the secure password to connect to the DB from the whitelisted access point. 
  • Data is delivered back to the client via TLS secure connection.

Employee access

Employees access the system through a TLS certificate. They use their credentials on this secure site to gain access to the web interface for verification. Employees only have access to the projects they are assigned, and do not possess open access to all client information.

Employee access is monitored and controlled by managers who supervise the system daily. The only items that employees can see are the files assigned to them by managers and supervisors. Once a file is processed, the employee is not able to browse or access the file or the metadata.

Employee Safety Training

Employees are trained not to use personal devices or use their work PC for anything but working on the verification of the documents.  The work PCs are pre-configured to only use the Verification software and not be able to install third-party software.

If an employee is deemed to be engaging in high-risk behavior, their access can be terminated instantly while corrections are being made.

All employees sign a data security agreement that details the required security protocols and holds the employee personally liable for their actions.
