Platform Security Overview
Encryption
Encrypted media is available for SIP Trunk products via sRTP protocol when SIP-TLS is enforced
Device Management Systems use HTTPS protocol to provision supported devices
Physical Security
Access4 servers are hosted in highly secure Australian Datacentres: NextDC, Polaris and Equinix.
Datacentre security include:
Network/Systems Security
SIP registration with username and password digest authentication is mandatory prior to making any call
Broadworks servers and SBCs are regularly patched or upgraded to address any security issues
Identity management
All SASBOSS passwords are stored in the database in irreversible hashed form and cannot be recovered by Access4
Access4 enforces two-factor authentication for root and Partner level logins to SASBOSS. Customer level login 2FA is optional
SIP passwords pushed to end point configurations via ZTP and not handled by humans reducing risk of exposure
SIP passwords for SIP trunks or Generic SIP devices are only transmitted via encrypted channels
Automatic account lockouts are implemented based on multiple failed attempts
Auto generated passwords are available through SASBOSS for creating or changing account passwords
Access4 internal protocol for distributing credentials is through mixed mediums
Usernames segregated from passwords which are distributed via SMS