We deliver the Corti solution as a secure cloud-based service to our customers.
This approach allows us to configure each deployed service instance to meet our
customers' needs with flexibility, scalability, and resilience.
Corti Service
Corti delivers its solution as a fully-managed managed service hosted in Azure's secure virtual cloud environment.
Corti provides each customer with a dedicated instance of the deployed service in an Azure data center geographically optimized to meet regulatory and jurisdictional requirements. For customers based in the US, this will typically be the nearest Azure data center within the US to the client's primary operating location.
We configure Azure instances to provide customers with a fully-managed and secure infrastructure. This approach offers a scalable solution using a fully maintained and secure infrastructure.
Each deployed instance of the Corti service employs customer-level segregation and security access controls to ensure the confidentiality of their data.
This solution has the benefit that all data management functions, including information security controls, backup and recovery operations, logging, and auditing, are invisible to the customer. Consequently, these services eliminate the need for in-house specialists to operate and maintain the solution.
Clients access their service instances using applications supplied by Corti. We package these as a Microsoft Windows installation with processes to manage secure customer distribution. Additionally, we provide technical support to assist with deployment.
Service Details
Access Management – Clients access their instance of the Corti service via a proxy server with a Public IP.
Connectivity – Corti uses the Traefik reverse proxy and load balancing solution to implement secure connections between clients and the Azure-hosted service using a Transport Layer Security (TLS) protocol. Communications protocols employed include
Hypertext Transfer Protocol Secure (HTTPS) for external service applications, including Application Programming Interfaces (API), client applications on End-User Devices (EUD), and metadata from Computer-Aided Diagnosis (CAD) systems
SSH File Transfer Protocol (SFTP) for call data and associated metadata. SSH is the Secure Shell Protocol, a cryptographic network protocol for operating services securely over an unsecured network such as the Internet
SIP Recording (SIPREC ) session recording protocol for call data and associated metadata. SIP is the Session Initiation Protocol, a standard protocol for internet-based communication, including telephony, video, and messaging
Key Management – Corti uses Terraform, the infrastructure, as a code solution to securely create and manage each customer's cryptographic keys within their segregated Azure hosting environment. We strictly control key access using Azure's role-based access management technology. Additionally, key use is audited and logged as part of the managed solution.
Content Management – We protect customer service instances against the ingress of malicious content, including malware, by imposing controls on permitted content types and limiting connections to approved IP ranges using IP Safelisting techniques.
SQL Database
Corti provides the customers of our solution with an Azure SQL Database as a managed cloud service for storing structured data. This facility delivers the benefit of SQL functionality in a fully-managed service encapsulated within the customer's Corti instance.
The Azure SQL Database offers
Advanced multi-layered security controls, including network security, data encryption, access, and key management, real-time threat protection, proactive vulnerability alerting, and tamper-evident cryptographic verification of data
An Azure SQL Database firewall that manages access control of stored data
Automatic provisioning that optimizes configuration while ensuring compliance with regulatory standards, including HIPAA and GDPR
Automatic updates to reduce the risk window for known vulnerabilities without imposing an administrative overhead
Automatic backup of important information as part of incident recovery and business continuity practices
Flexible scalability to meet growth requirements
High availability with service level options of up to a guaranteed 99.995%
Azure Blob Data Lake
Customers of the Corti solution can select to use Azure Blob Storage as a managed cloud service for the bulk storage of unstructured data. This facility delivers the benefit of creating data lakes in a fully-managed service encapsulated within the customer’s Corti instance.
The Azure Blob Data Lake facility offers
Data security with Azure active directory role-based authentication, data encryption, and advanced threat protection
Massive data storage capabilities with cost-effective scalability
Multi-protocol access and file namespace support
End-to-end data management using policy-based access controls
Low latency storage to meet high-performance requirements
Supports backup of important information as part of disaster recovery practices
Azure CockroachBD Data Management
Customers of the Corti solution can select to use the CockroachBD with their managed cloud service for the distributed storage of structured data in a SQL database. CockroachBD offers resilience and high availability for critical applications as a fully-managed service encapsulated within the customer’s Corti instance.
The Azure CockroachBD facility offers
Maximized availability using data replication techniques
Zero downtime when configured as a distributed solution
Automatic recovery of hosting failures at disk, machine, rack, or data center levels
Automatic scaling and repair
Supports backup of important information as part of incident recovery and business continuity practices
Elasticsearch
Corti provides customers of its solution with Elastic search functionality to help them maximize the extraction of information from data stores, improving the visibility of infrastructure and the data to deliver insights and visualization.
High-performance data search and analytic capabilities
Provide observability functionality for infrastructure health monitoring and real-time performance analysis
Provides advanced threat prevention, detection, and response functions to support end-point protection, event management, and active threat hunting