CMS Services
Home
About
Services
Data Security
Contact Us
Login
  • CMS Suite
  • Mercury Management System
Blog
CMS Services
Home
About
Services
Data Security
Contact Us
Login
  • CMS Suite
  • Mercury Management System
Blog
More
  • Home
  • About
  • Services
  • Data Security
  • Contact Us
  • Login
    • CMS Suite
    • Mercury Management System
  • Blog
  • Home
  • About
  • Services
  • Data Security
  • Contact Us
  • Login
    • CMS Suite
    • Mercury Management System
  • Blog

Data Security

Enterprise-Grade Security Built Into the Core

Engineered on a secure Microsoft SQL foundation, the CMS Portal protects sensitive data at every stage. Instead of relying on scattered Excel and Word files stored in SharePoint or OneDrive, the system centralizes all information inside a hardened, access-controlled database. The result is stronger protection, greater compliance, and unmatched operational control.

Data integrity and security by design

How Files are Stored

Files in the CMS Portal are stored as encrypted binary data inside a table row, protected by CMS and SQL security along with Azure platform controls, rather than as an exposed file on a shared drive.​

Security Layers Protect Data

  • At-rest encryption: TDE uses a database encryption key protected by a key in Azure Key Vault (BYOK), so if someone steals the underlying storage, they get only encrypted blobs, not readable files.​
  • Access Control: Access is limited by permissions and roles and client access to any data of file goes through internal permissions and roles; clients are granted specific access to a limited number of tables and only particular data records within those tables so users can only read specific data.​

Encrypted, Recoverable, and Continuously Protected

Data is encrypted in transit and at rest. Automated backups, point-in-time recovery, and active monitoring provide enterprise-grade business continuity and peace of mind.

Why this is More Secure Than File Sharing Sites

  • No direct file paths: Users never browse a network folder; they query the database through authenticated connections, providing a full audit trail of who accessed data and when.​
  • Key management: Encryption keys are stored and rotated in Azure Key Vault, separated from the database itself, reducing the blast radius of a compromise compared with an unencrypted SMB share 

No Uncontrolled Copies — One Secure Source of Truth

  • All client data resides in a single, encrypted SQL environment. Users view information through the CMS Portal, not through downloaded files, eliminating the risk of duplicate files on personal devices, email, or local drives.
  • Word, Excel, and PDF outputs are generated from the portal, not used as the master record. This prevents outdated files, version confusion, and untracked sharing.

Role-Based Access for Every Field and Record

The CMS Portal enforces security at the most granular level. Permissions can be restricted by user, client, field, record type, or workflow stage—ensuring each person sees only what their role allows. 

Full Transparency Through Detailed Audit Trails

Every action—viewing, editing, uploading, or exporting—is logged. Clients gain complete visibility into user activity, fulfilling regulator expectations from the CFPB, OCC, FDCPA, and state auditors.

Copyright © 2025 CMS Services - All Rights Reserved.

  • Home

Powered by