Regulatory compliance
GLBA compliance
GLBA compliance means safeguarding customer financial information under the Gramm-Leach-Bliley Act, which applies to any organization significantly engaged in providing financial products or services to consumers — banks, lenders, brokers, and their service providers alike. WestFax gives financial institutions a secure, encrypted fax network built to deliver that data in real time without exposing it in transit.
The mandate
Who GLBA applies to
GLBA applies to all organizations, regardless of size, that are “significantly engaged” in providing financial products or services to consumers — including many companies not traditionally considered financial institutions: check-cashing businesses, payday lenders, mortgage brokers, non-bank lenders, appraisers, retailers that issue branded credit cards, tax preparers, and courier services. It also reaches companies that receive information about customers of other financial institutions, such as credit reporting agencies and ATM operators.
Beyond their own safeguards, covered companies are responsible for ensuring their affiliates and service providers — including cloud-based software providers — protect customer information in their care. Implementing secure, real-time electronic delivery of financial data is crucial to meeting this mandate.
Encryption end to end
How WestFax helps you comply
WestFax takes security seriously. We serve thousands of customers of every size with the protocols and policies in place for a complete, robust security framework — a fax network built to meet the enterprise faxing needs of financial organizations every day.
Transmitting or receiving personally identifiable information (PII) by fax requires encryption from origin to transmittal and while the data is at rest. We store faxes in the cloud encrypted with AES-256, and require TLS 1.2+ protocols point to point so data is encrypted through its entire document lifecycle.
How your data stays protected
WestFax security details
One platform, one set of controls — under every framework we support.
Transmission security
The highest level of TLS available for data in transit — web, print driver, and API — plus TLS-protected SMTP (RFC 3207) and FTPS/SFTP.
Encryption at rest
AES-256 encryption of data at every phase of processing, guarded by Access Control Lists.
Physical security
SOC 2-compliant data centers with 24×7 guards, video surveillance, and biometric control of private-cloud areas.
Access control
Data isolated to a private-cloud environment, with unique user IDs, enforced password complexity, and multi-factor authentication.
Data integrity
End-to-end encryption and signature protocols prevent tampering in transit; every message is archived encrypted.
Audit & monitoring
Internal and external access logs reviewed in real time to detect and prevent security issues.
Faxing for financial networks.
WestFax has been a secure cloud fax provider since 1999. Reach out to learn more about our offerings for financial organizations.
