Emphasys Is Certified FedRAMP High Authorization

FedRAMP High

As an innovative developer of software designed for Public Housing Authorities (PHA), Emphasys shows its commitment to the industry through the Federal Risk and Authorization Management Program’s (FedRAMP) High Authorization recognition of their hosting platform. This is the top honor available through FedRAMP. High Authorization is a marker of secure, industry-leading systems that are appropriate for the most sensitive data. Learn more about FedRAMP’s High Authorization as well as how Emphasys can help your PHA remain secure.

What Is FedRAMP High Authorization?

The Federal Risk and Authorization Management Program focuses on standardizing security measures for cloud-based data storage used by government entities. Poor data security, digital crime, and hacking all pose a major threat to today’s society. Government agencies of all sizes, from municipal to federal, have been the unfortunate targets of cybercrime. FedRAMP aims to secure our information with regulation, oversight, and robust standards.

FedRAMP’s High Authorization recognizes safe practices used for the most sensitive data. This category of data includes high-stakes information often associated with law enforcement, emergency response, finance, and public health. However, High Authorization information includes any system where the loss of data integrity, access, or confidentiality will cause adverse effects for either operations, assets, or citizens. Public Housing Authorities work with private, sensitive information and as such, are covered by the High Authorization umbrella.

Why Do Public Housing Authorities Need High Security?

On the most basic level, PHAs require high digital security because they work with personal and financial information. Most PHA clients must provide Protected Personal Information (PPI) to receive services. This personal data must be kept safe to protect clients from potential identity theft and fraud. PHAs handle financial transactions including paying rents, providing stipends, and issuing grant awards. Both incoming and outgoing accounts could be vulnerable to cyberattacks.

PHAs also carry out vital strategic projects that impact local infrastructure and quality of life. Lost or deleted data can put projects on hold. If hackers alter or change PHA information, work can be sabotaged. This poses a threat to both immediate and long-term security.

Finally, PHAs are uniquely vulnerable due to the political realities of operation. Many PHAs struggle for funding, always wanting to accomplish more than the budget allows. These agencies may receive budget cuts or lapses in funding during times of economic hardship. As a result, PHAs are often pressured to stretch their budget to the limit, accomplishing more with less. Information technology upgrades may be put off due to financial reasons. Unfortunately, this exposes PHAs to increased cyber risk.

What Does High Authorization Mean To Emphasys?

Emphasys is dedicated to providing safe, secure, and robust software solutions to Public Housing Authorities across the country. FedRAMP’s High Authorization is a welcomed validation of the range of products and services Emphasys makes available via our hosting platform. This recognition allows Emphasys to provide a timely response in the event your agency suffers a cyberattack. 

Thanks to cloud-based software, Emphasys offers its clients security and peace of mind should hackers breach their defenses. Cloud solutions allow for constant, reliable system backups. If your PHA is brought down by a ransomware attack, Emphasys can help restore full operations within days instead of weeks. Cloud systems also help you ensure your recovered data is valid.

The FedRAMP High Authorization of our cloud hosting software means that Emphasys is fully prepared to manage your agency’s most sensitive data. If your local PHA doesn’t already use a secure cloud-based system, it’s time to move to a higher level of security. An Emphasys software solution can protect your agency, your clients, and your community from the growing threat of cybercrime.

Protecting Your PHA Against Fraud

Protecting Your PHA Against Fraud

Working for a public housing authority is a noble cause. Whether it be Section 8 housing or a HUD development, you are providing a service to those who need a little help with their housing situation. And no one expects that such a benevolent group could be capable of fraud, but sadly it happens, and it often goes undetected until it is too late. So, how can you go about protecting your PHA against fraud?

Fraud Can Happen Anywhere, to Anyone

In a small town in New England, such a fraudulent situation rocked the confidence of the townsfolk who have always trusted their local housing authority. The PHA manager was embezzling from tenants with the help of a resident that colluded with him to hide the infraction. He was stealing tenant rent payments, while at the same time erasing their names from the list of residents under the protection of the PHA. 

When the residents sought legal representation to fight forced evictions, they no longer had a paper trail, and thus, lost the case. This went on for a while until eventually the manager slipped up and both men were sent to jail for housing fraud. The town was devastated by the betrayal and the tenants had trouble trusting the housing authority after the incident.

What could have prevented this? After all, this was a manager. 

The first thing is oversight. Even the president of the United States has an oversight committee to keep his actions in check. So, why doesn’t a smaller agency under the umbrella of HUD also have its own oversight? Perhaps it is a budget issue. So, instead, it is up to the folks working in the PHA to keep each other honest and always be diligent and vigilant to the integrity of the office. 

People’s living situations, and often, their lives, are in your hands. It is up to you to keep their money and their livelihood safe. And this sort of thing happens more often than people realize. When it is easy to siphon excess funds or embezzle from the unknowing, someone will let their lesser demons talk them into it. And once that gate is open, it is hard to close. 

Removing Temptation

Vigilance is good, oversight is better, but the best tool to prevent fraud in your public housing agency is with software that keeps an eye on all money coming and going. It keeps your office staff honest, it keeps the residents honest, it cannot be tampered with and is easy to use for even the most technologically untalented folks.

One such program is a suite of software from Emphasys. Emphasys has taken the prevention of fraud and its passion for keeping good people safe and developed technology to help keep fraud at bay. Our proprietary system maintains a constant log of your tenants, their household living capacity, their finances, and lets the agency know if anything changes. 

It also holds office staff accountable for anything they miss. It provides a constant paper trail that catches any discrepancy with accuracy and efficiency. You will know right away if anything is amiss and be able to address it before it gets out of control. If the Agency in New England had used Emphasys, this terrible situation would never have happened.

Protecting Your PHA Against Fraud

If you manage a public housing authority, you need to add Emphasys to your tool belt of effective fraud prevention options. With Emphasys’ software solution, you will have a greater scope over what is happening in your community and the ability to send reports to auditors and authorities if anything seems less than above board. The Emphasys suite of products is designed to keep you and your residents in mind, 24/7.

, ,

Emphasys Software Awarded SOC 2 Type 1 Certification

PEMBROKE PINES, FLJune 10, 2021 – Emphasys Software (Emphasys) is proud to announce that it has successfully completed the Service Organization Control (SOC) 2 Type 1 audit. With this SOC 2 Type 1 designation, Emphasys continues to demonstrate its commitment to best-in-class compliance and data security standards for our affordable housing customers.

The SOC 2 certification process affirms that Emphasys Software’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security, availability, processing, integrity, privacy, and confidentiality in the cloud.

“Our SOC 2 certification shows customers that Emphasys takes customer data safety and security on the internet very seriously,” said Dave Badun, General Manager of Emphasys. “With the increasing risk of ransomware attacks on public housing authorities, it is of the utmost importance that we provide assurances of security and reliability of Emphasys to all our customers and their residents.”

By meeting the stringent requirements to receive a SOC 2 standard of security, Emphasys provides a broad range of capabilities and benefits for any public housing agency with an assurance that our internal controls have undergone the most rigorous review. This creates peace of mind and convenience when, for example, residents are making rent payments or are filling out rental applications online with personal information being stored in the cloud.

About Emphasys Software:

As a pioneer of enterprise software for public housing authorities, Emphasys has set the standard for innovative compliance-based business solutions since 1976. Emphasys’ software is used to help manage and house nearly one million families through over 200 of the nation’s leading, and many of the nation’s largest, public housing authorities. Emphasys offers a complete suite of enterprise software applications with service and support that automates business processes efficiently and effectively. Emphasys Software is a wholly-owned subsidiary of Constellation Software Inc. (TSX:CSU).


Avoiding a ransomware attack

Don’t let your data get held hostage: Avoiding a ransomware attack.


What’s your emergency preparedness plan?

Emphasys is positioned to help PHAs plan for and recover from disasters and emergencies in a variety of ways.


Is SOC 2 Compliance Important for PHAs?

Is SOC 2 Compliance Important for PHAs?

As a trusted technology advisor to hundreds of top performing Public Housing Authorities (PHAs), Emphasys takes information security very seriously.

To formalize and quantify a company's internal controls related to information security, the American Institute of CPAs (AICPA) developed a compliance requirement called SOC 2. SOC 2 is designed for those providers who store customer data in the cloud, which means any affordable housing technology company storing customer data must meet SOC 2 compliance requirements in order to minimize risk and exposure to a PHA's data.

The SOC 2 requirement is more than just a technical audit. It establishes that a company follows strict information security procedures and policies, including the security, availability, processing, integrity, and confidentiality of customer data. Further, being SOC 2 certified assures a client that information security at the provider is in line with the special needs of today's cloud requirements.

Be sure to ask your housing software vendor if they are SOC 2 compliant when shopping for your PHA's next business management software solution. Mitigating risks is a very important part of running a PHA and partnering with a vendor who is SOC2 certified will ensure that you are working with an organization that complies with all of the Trust Service Principles of security, availability, confidentiality, processing integrity, and privacy.

Emphasys is pleased to report that we are SOC 2 Type 1 certified.


Not sure what to look for in a hosting provider? Download our “Five Questions to Ask Any Hosting Provider” whitepaper to ensure you make the right choice.

The Whitepaper will be sent automatically to your email.


    Is your Software Vendor Holding your Data Hostage?

    Is your Software Vendor Holding your Data Hostage?

    Perhaps an auditor has come to your PHA and requested information that resides in your housing software system. It’s a simple enough request, but to your dismay, you find out you must ask your vendor to retrieve it. Then there’s data export. Many systems in the market today won’t let you export your data out of the software without having to go through some sort of report. Or what about needing to switch vendors? Will they lock you out of your data? Now it really feels like your data is being held hostage.

    Here are some questions you should ask your vendor to make sure you can access your data in all circumstances.

    1. Do you offer a report wizard that allows my PHA to create reports? Do the reports have key data elements as it relates to 50058s, detailed income information, detailed assets, including detailed information on history (vacancies, certifications, unit history, AR information, etc.)?
    2. Can my PHA create a Microsoft Excel report and tie it directly to the database to create reports?
    3. Do your reports automatically export out to Microsoft Excel in the proper format or do I have to modify the report every time I export it?
    4. Will our PHA have to rely on your support department in order to access report-related items?
    5. Do you have a Data Model that you can share with our PHA?
    6. Do you provide our users with training on creating reports?
    7. Do you have training videos for our PHA staff to review?
    8. Do you have a support department that can guide our users through creating basic report queries?
    9. Can my PHA still access our data even during the time we are transitioning to a new vendor?

    More and more, HUD is relying on vendors to deliver and own data, so it’s in your PHA’s best interest to make sure your vendor offers easy and convenient data access. After all, being able to control, access, and trust your data is key to helping your PHA run smoothly.

    If you feel your vendor can’t answer these questions and want to know more about how you can own your data, please fill out the contact form below.

    Updated September, 2020