Tapestry Software Suite     

211 and I&R
Disaster Management
Homeless Management
Volunteer Management
Case Management
Donor Outreach
Elder Care
Foster Care
Job Bank
Job Training
Progress Plans
Resumes and Portfolios
Youth Opportunities

Breakthrough Communities



Security

VisionLink protects the information of millions of people, so we deploy an extensive array of security measures. Our security measures begin with the selection of software products and server platforms.  We use LINUX operating systems because of their excellent track record defending against attack and because of the infrequent need for security patches and corrections.  We do not use any Microsoft systems in our server environment because of the interest they generate from the hacker community.

At the server level we deploy a defense in depth strategy.  Security measures are in place at each of the switch, router, web server, and application levels-and finally at the database level as well.  Our firewalls are configured as an IP-less bridge, meaning that is is not possible to reach the firewall via remote means.  Fall-back passive routing is enabled at all times for automatic response should the primary systems fail.  We support secure transactions using SSL encryption.

At the user account level, and depending on the specific module in use, access rights can be determined by site, module, page, tool and field.  In addition, affiliation by agency provides far-reaching capacities to determine access rights to certain modules, tools, pages, and sets of client data and reporting data.  Some software suites support configurable default security settings as well and template-based security settings for management of many user accounts in groups.  For our software suites that specifically support minors and/or students, VisionLink software automatically hides personal information from non-authorized adults.

Collaboration settings allow tremendous flexibility.  A client record for case management,  for example can be completely private between agencies, shared in part, or shared in whole, or records can be handed-off from one agency to another.  Each of these options can be deployed simultaneously for different organizations as appropriate, and depend on the module in use.

Passwords are randomized and typically include both alpha, numeric and symbol characters for added security.  User access is set to auto-expire after periods of inactivity.  As an additional precaution logs are used to keep track of-or investigate access by users.  Many modules include an audit trail where access to data, and additions or deletions of that data is logged by time, date and user.  The online support assistant case management module (OLSA) in Tapestry is HIPAA compliant, and includes HIPAA required audit trails.

VisionLink also offers an optional Personal Information Number generator which can be deployed independent of VisionLink systems or servers so that PIN numbers can be generated for users without the transmission, logging, or storage of any client-specific personal information (such as name, birth date, social security number and so forth).

 

Tapestry is a mature system.  For example, system operators have the ability to search and review all user accounts by user level, access rights, security group affiliation and much more.  This means that you can not only mange new user accounts, you can audit that information over time to be sure the system is operating the way you intend.