Cryptographic Standards and Security

Echoworx currently has data centers in the US, UK, Canada, Ireland and Germany, enabling you to keep your data in-country or a specific region. Services are fully redundant within any given geographical region and your data is replicated in real time for disaster recovery.

Echoworx supports both private cloud and dedicated cloud service models.

The National Institute of Standards and Technology (NIST) has unveiled the first set of cryptographic algorithms that are resistant to potential quantum computing threats. These will be integrated into NIST’s post-quantum cryptographic standard, projected for completion in 2024, and Echoworx is proud to be at the forefront of this innovation.

Our aim is to incorporate these advanced algorithms into our SMIME, PGP, and TLS applications well before they become mainstream. For our remaining encrypted email pathways, we’re bolstering security with our newly developed KMS-based AES keys for both Portal and PDF messages, ensuring they are quantum-resistant. And with our recent transition to AWS KMS, we now have the capability to offer a customized client that can take full advantage of quantum-resistant algorithms for API exchanges.

We subject our security practices to audits covering all aspects of our business including SOC2 Audit | PCI DSS Level 1 Certification | OpenID Connect RP Certification | CCS G-Cloud 13 and are AICPA/CICA WebTrust Compliant. Explore our certifications.

We believe that protecting people’s privacy is the right thing to do. Echoworx abides by the laws of the countries we do business in or with, including PIPEDA, GDPR and more.

Our Key Management enables hosted Echoworx environments to utilize Amazon’s Key Management system (AWS KMS) with AWS hardware security module (HSM) keys for even more robust encryption protection including:

• Customer control and management of encryption keys.
• Cryptographic keys and operations secured by FIPS 140-2 certified Hardware Security Modules (HSMs).