In MedStack Control, you have the ability to manage cloud resources that are provisioned for privacy compliance by design. Creating clusters, compute nodes, and database servers can be done in a few simple clicks.
All cloud resources you build in MedStack Control are built within MedStack's cloud provider tenant. We manage all cloud infrastructure deployed to dedicated environments in MedStack Control. No one other than you and MedStack have access to manage your clusters and their resources within.
This is an imperative distinction that is often important to entities when performing security assessments. Although not a HIPAA requirement, infrastructure that serves only the client is often preferred by end users requesting security assessments.
There are many measures taken to implement secure design and guarantee compliance for the resources you build in MedStack Control. They are explained in deeper detail on each service's article in this guide.
In the shared responsibility diagram, it is illustrated that the cloud provider is responsible for DDOS and IP spoofing mitigation.
A virtual network encompasses your docker environment and cloud services operating via MedStack Control. Protecting this virtual network is Azure's networking security.
In regard to DDOS and IP spoofing mitigation, the cloud provider employs "DDOS protection basic mitigation" which mitigates attack vectors on OSI layers 3 and 4. This includes:
- Active traffic monitoring and always on protection.
- Automatic attack mitigations
Updated 4 months ago