Test Drive

Modern Faxing with APIs: Secure & Automated Solutions

Share This Post

Fax, an aging technology, remains relevant thanks to APIs that automate the sending and receiving of faxed documents.

The Visionary Origins of Networked Communication: J.C.R. Licklider (1960s)

A psychologist and computer scientist at ARPA (Advanced Research Projects Agency), Licklider imagined a future where computers could help people collaborate across distances. He called it the “Intergalactic Computer Network.” He asked:  “What if computers could share data and programs across a network?”

Why Fax Technology Still Matters in the Digital Age

Sixty years later, an ‘old and reliable’ technology; Fax is more efficient and reliable than ever thanks to the Internet and software programs to send and receive faxes electronically, with no human intervention required.  

This is accomplished by the software solutions in healthcare (EMR/EHR) programs needing to fax documents through cloud-based fax services or on-premise fax servers.  Received faxes can also be ingested from the fax service or fax server that received the fax.  Ditto for manufacturers distributors who use back-office ERP solutions such as SAP and BaaN to use an API or File-Drop to automatically fax out purchase orders, invoices and other business related documents. 

What Is an API and Why It Matters for Fax Automation

An Application Program Interface (API) defines the rules for software programs to communicate with other software systems. Developers expose or create APIs so that other applications can communicate with their applications programmatically. 

For decades, SOAP was the predominant method used by applications to interact.  Now, a more modern Web API (or Web Service) conforming to the REST architectural style is called a REST API (or RESTful API). 

REST is an acronym for REpresentational State Transfer and an architectural style for distributed hypermedia systems. Roy Fielding first presented it in 2000 in his famous dissertation. Since then, it has become one of the most widely used approaches for building web-based APIs (Application Programming Interfaces).

REST is not a protocol or a standard, it is an architectural style. During the development phase, API developers can implement REST in a variety of ways.

REST uses guiding principles and constraints. These principles must be followed in order for a service interface is to be considered as RESTful.

How Cloud-Based APIs Are Revolutionizing Fax Services

With computing services moving to ‘the Cloud’ the modern API is web-based, enabling integrations to be created without building out internal systems or deploying servers.  In the case of FaxCore, its REST API is published and free to leverage for an integration.  Anyone interested in fax enabling an application or business process only needs a test account on a FaxCore cloud server.  This low-cost, to no cost way to develop an integration is the norm to get an integration done.  

Once the integration is completed one can purchase a FaxCore server and use it internally on the corporate network or a subscription to a FaxCore cloud service can be signed up for and the cost is determined by the number of fax pages sent and received.  FaxCore can also provide number porting to get existing fax numbers moved to the cloud service and new numbers can also be procured. 

Monitoring and Managing Faxes via API

Additional elements of the API include checking on the status of a fax sent, probing the API to confirm that the fax was successfully sent and to check for any new faxes that have been received.

Web services, cloud servers and documents stored in the cloud naturally lead to the question of how secure is it?  This is especially true for faxing since most documents contain Patient Health Information (PHI) or financial information when it comes purchase orders, financial information from Insurance companies, and the like.

At FaxCore, security is a top-priority. FaxCore’s cloud services operate in Microsoft Azure datacenters, which are SOC 2 compliant and provide customers with a HIPAA and PCI compliant fax solution. In addition to HTTPS connections, we leverage multiple defense-in-depth strategies provided by patented etherFAX technology including two-factor authentication, end-to-end encryption, and in-network routing to guarantee that faxes remain protected. FaxCore’s charter is providing reliable, innovative and cost effective fax solutions than span from on-premise deployments and hybrid fax servers to a fully cloud based service.   FaxCore servers are critical to the financial, insurance and healthcare industries with thousands of servers deployed worldwide.  

Physical Security of FaxCore Cloud Services

 All data centers used for housing FaxCore cloud services are the ‘gold standard’ for security and reliability in their respective territories. Their qualifications earn them all of the required certifications for a world class datacenter. For more information visit https://learn.microsoft.com/en-us/azure/security/fundamentals/physical-security  The data centers are staffed with 24-hour security officers. Visitors are screened upon entry to verify identity and escorted to appropriate locations. Access history is recorded for audit. Only authorized and essential personnel have access to the FaxCore cloud servers and are the only ones who can manage the equipment. 

Protecting Your Network with FaxCore’s Built-In Security

Network security protects data from both intentional and unintentional breaches that could occur and since FaxCore cloud services handle sensitive data daily, the network is designed to protect that information. While there is no federal agency that can “certify” a solution as such, FaxCore adheres to the following published HIPAA.

  • Current and up-to-date firewalls
  • DMZs or logical components
  • Intrusion Detection and Logging
  • PCI-compliant levels of SSL and TLS security (AES 256 bit encryption)
  • SSL encryption for internal communication between servers / data centers
  • Frequent vulnerability assessments performed on internal and production cloudnetworks
  • Frequent security scans performed on internal and cloud fax networks
  • Frequent penetration tests performed on internal and cloud fax networks
  • Ongoing process of updating and patching the cloud fax network
  • Documented procedures describing the control processes over network security and administration processes
  • Network and host intrusion detection and prevention (IDS / IPS)
  • Systematic auditing and review of logged data including, but not limited to:
  • Invalid access attempts
  • Access to identification, authentication and authorization mechanisms
  • Access attempts to the database
  • Account changes
  • All successful and unsuccessful logins
  • Formal alerting and response process used in the event the Intrusion DetectionSystem detects a suspicious event or exceeds normal thresholds or our environment.

FaxCore’s Commitment to HIPAA Compliance

While there is no federal agency that can “certify” a solution as such, FaxCore adheres to the following published HIPAA guidelines: 

ADMINISTRATIVE SAFEGUARDS

Policies and procedures to comply with HIPAA by maintaining security measures to protect electronic information and manage the conduct of covered entity’s employees.

Third party vendors must comply with HIPAA requirements, typically through contracts stating vendor will meet the same data protection requirements that apply to the covered entity (Business Associate Agreement — BAA)

PHYSICAL SAFEGUARDS

Controlling physical access to protect against inappropriate access to protected data

TECHNICAL SAFEGUARDS

Controlling access to computer systems and protecting communications containing PHI transmitted electronically over open networks from being intercepted by anyone other the intended recipient.

Securing FaxCore Applications: Encryption and Access Control

FaxCore uses the same underlying security technology used by online banking. Built on the Microsoft.net platform and leveraging Microsoft SQL server, FaxCore uses AES 256 encryption on all faxes at rest within the server. FaxCore takes care to ensure any info in the system is properly secured at all times. 

  • All faxes are encrypted in-transit (within FaxCore’s network and in the communication with etherFAX) and is also encrypted while at-rest.
  • Utilization of Secure Socket Layer (SSL) encryption for all web traffic (SSL v2/v8are disabled or security best practices) and Transport Layer Security (TLS 1.2) for all email communication (opportunistic or enforced).
  • AES 256-bit encryption support.
  • Strictly controlled users and administrator authentication on platform.
  • Enforced minimum password standards or length, complexity, and characters.
  • Controls in place to protect the authenticity to communications sessions.
  • Multiple options for customers to specify the duration of fax document storage.

Ensuring Uptime: FaxCore’s Redundancy and Disaster Recovery

Redundant infrastructure and Enterprise Class Servers provide for 99.99% uptime. Significant investments in Enterprises Class servers that deliver exceptional performance. High speed hardware maximizes output, production and reliability. Dual power supplies prevent system downtime in the event of any power component failure. With out-of-band management via IPMI our technicians can respond immediately.

The FaxCore software, running in multiple datacenters, has no single point of failure. The ‘mothership’ of the application is the Microsoft SQL server, which runs on multiple hardware instances and is mirrored. FaxCore processes are also installed on redundant hardware instances, which eliminates any single point of failure and ensures no single ‘bottle-neck’ for critical processes. 

Datacenters have redundant Internet connections, power and generators, along with other measures to insure no single point of failure that could take the datacenter down. 

Fax Transport Security: Inside etherFAX’s Defense-in-Depth

FaxCore leverages etherFAX for transport of all inbound and out faxes generated by the server. Security is a clear differentiator when comparing other outsourced fax services to etherFAX. etherFAX incorporate a multi-level encryption/security system known as a “defense-in-depth” approach. It is a layering tactic, conceived by the National Security Agency (NSA), as a comprehensive approach to information and electronic security. 

etherFAX starts with a secure communication channel over HTTPS that secures the “pipe” between the etherFAX client/customer and the back-end services hosted by etherFAX. Once a secure channel has been established, each customer is authenticated using his or her account, user name, and password. Lastly, the etherFAX web service model further encrypts and protects the communication on a “message level” even though the HTTPS channel is already arguably secure.

About FaxCore:

Request an IP Fax Software Demo from FaxCore

FaxCore has been a leading provider of fax servers and cloud-managed fax since 2002, supporting Fortune 500 and Fortune Global 500 companies across numerous industries. Even in the age of email, instant messaging and file sharing, there are still an array of sectors that depend on fax technology to ensure documents reach their destination and arrive securely. Often, businesses that leverage fax do so to align with compliance regulations, maintaining fax as a critical platform and essential piece of their infrastructure.

More To Explore

Ready to Take a test Drive?

Book your free demo today:

Get a Demo
SaaS cloud connecting to multiple devices including servers, tablet, desktop, phone and laptop
Faxcore logo
  • 19590 East Main Street, Suite 207 Parker, Colorado 80138
  • +1 (720) 870-2900
  • info@faxcore.com
Linkedin Youtube Facebook-f Twitter
About

Partners

Sales Channel

Privacy Notice

Products

Features

User Interface

 

Support

Contact Us

FAQ

Resources

Blog

Product Brochures

Success Stories