Zero Trust security upgrade has been completed

Feb 10, 2024
We have completed the implementation and audit work related to our Zero Trust security design. By separating the system layers, we increase security related to privilege and identity.

Most of this is transparent to the end user. It does however result in extra work for our support staff so we ask for some patience if we are unable to take every call or answer every email right away. As a reminder, we endeavor to respond to every call and email in less than one hour. Our support hours are 8am-8pm weekdays and 10am-5pm weekends/holidays.

MOVEit Transfer data thefts

Aug 29, 2023

MOVEit is a centralized platform used for file transfer between (often USA based) corporations.  Initially developed by Ipswitch and now part of Progress Software Corporation, this file transfer system was initially breeched in May 2023.

By Aug it has been revealed that 1000 MOVEit victims and 60 million individuals are affected by the series of exploitation. Based upon older technologies, this dual layer design meant that the breach of the system resulted in a mass data theft.  Unfortunately some firms have been complacent with security.

eClaims Workflow is a modern design including data partitioning to ensure that any possible breach is limited in scope to the transaction. No single technology failure could result in a mass breech as occured with MOVEit. We are constantly evolving our security and systems to stay ahead of new threats.

DNS Security Upgrade

Jan 2, 2023 
We use a number of methods to deter internet identity theft. We have just added DNS CAA restrictions to prevent a third party from spoofing our website and/or ssl encryption. Our encryption standards already have an A+ rating with SSL Labs and this addition will ensure that no bad actor will be able to fool our clients into accessing a fake copy of our website.

Regional Access Limitations

Dec 1, 2022 
We actively block traffic from a number of outside regions. Those include geographical regions outside of North America, internet regions of ill repute, TOR exit nodes, VPN anonymizer services (such as Nord, SurfShark, or IPVanish), and select systems with a history of abuse. This is done to minimize the amount of abuse received by our systems as well as to keep the job of security log review at a more reasonable level. We do realize that users travel to regions outside of North America and may wish to continue working through eClaims Workflow. If this occurs you can request a time limited region block exception by contacting eClaims Workflow Support / 1.888.593.2463 x4

Deployment of IPv6

May 27, 2022 
We have completed implementation and testing of our dual stack connectivity including full support for both IPv4 and IPv6. IPv6 is considered the future of the internet and we have implemented this on all systems including webserver, API, security, and email systems. This is in place at all Canadian and USA based datacentres.