COTÈ SOFTWARE & SOLUTIONS (COTÈ) and its AGENCYMATE SaaS platform has an ISO 27001:2013 Certification comprised of standard operational instructions, practical standards policies and procedures that are annually audited internally by instruction of the Chief Information Security Officer, and externally by authenticated ISO Auditors. Further compliance with information security governance includes NIST SP 800-53 Rev. 4 and would rate a “Consistently Implemented “ Maturity level for tables 5 – 13 defined in the Inspector General Federal Information Security Modernization Act of 2014 (FISMA) Reporting Metrics.

Penetration Testing

COTÈ uses independent third parties to conduct penetration testing on our software. Penetration testing is conducted at least once per year.

Data Security

Data is transferred via Secure File Transfer Protocol (SFTP), using strong and accepted key sizes and ciphers (e.g., RSA 4096).

Data stored is encrypted at rest using AES-256 encryption keys.

Access Controls

COTÈ uses Active Directory for authentication, bit-locker encryption and group policies for security and access control.

Two-factor authentication is applied to sensitive accounts.

Notifications

As custodian to our Client’s Customer data (PPI) COTÈ’s service agreements have procedures in place to notify / broadcast notifications to our Client’s in the event of a cybersecurity event.