MedStack's SIEM (Security Information and Event Management) ingests log sources and correlates them with events from our Intrusion Detection System (IDS) and File Integrity Monitoring (FIM). It is integrated with MedStack's on-call engineer alerting tools.
MedStack logs and event monitoring data are segmented by customer.
24/7 Intrusion Detection System Monitoring
Our SIEM is monitored by designated on-call production engineers, and critical IDS/FIM event alerts are actively triaged by a 24/7 SOC team. We may contact you about activity if we conclude that something looks abnormal.
MedStack undergoes annual audits and works with third-party vendors to maintain our security and compliance posture.
| SOC 2 Type 2 Report | Security Assessments | TRA and PIA |
| --- | --- | --- |
| We work with an independent auditor to maintain our SOC 2 Type 2 report. | We complete annual third-party penetration testing by qualified assessors. | Our Privacy Impact Assessments (PIA) and Threat Risk Assessments (TRA) are done regularly by third parties. We use these to spot potential weaknesses and help prevent, or reduce, harmful outcomes. |
MedStack is intentional about the security and compliance that gets baked into our platform.
Know who did what and when with the user activity log.
- Two-factor authentication (2FA) is enforced on all accounts
- Passwords must be at least 8 characters long
- Password reuse is not allowed
- Password complexity rules (e.g. requiring at least one uppercase letter, one lowercase letter, one digit and one special character) are not imposed on MedStack Control, in line with NIST guidance that composition rules should not be enforced
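The policy above (minimum length, reuse rejected, no composition rules) is simple enough to implement as a small validator. The following is an added example, not MedStack's own code: it keeps a short history of salted PBKDF2 hashes per account so that a reused password can be detected without storing the password itself, and deliberately contains no complexity rule. The history size, the PBKDF2 parameters and the `Account` structure are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

MIN_LENGTH = 8       # stated policy: at least 8 characters
HISTORY_SIZE = 5     # assumption: how many previous password hashes are kept for the reuse check
PBKDF2_ROUNDS = 100_000  # assumption: iteration count for the illustrative hash

MSG_TOO_SHORT = "must be at least 8 characters"
MSG_REUSED = "must not match a previously used password"


@dataclass
class Account:
    """Hypothetical account record: only (salt, digest) pairs are stored, never passwords."""
    history: list = field(default_factory=list)


def _derive(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so the stored history is not usable as a plaintext oracle.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def password_matches(account: Account, candidate: str) -> bool:
    """True if the candidate equals any password still in the account's history.

    Each history entry has its own salt, so the candidate is re-derived per entry and
    compared in constant time.
    """
    return any(
        hmac.compare_digest(_derive(candidate, salt), digest)
        for salt, digest in account.history
    )


def check_new_password(account: Account, candidate: str) -> list:
    """Return the list of policy violations for a proposed password (empty list = accepted).

    Intentionally no composition rule: length and reuse are the only checks, matching the
    stated policy and NIST SP 800-63B guidance against mandatory complexity.
    """
    problems = []
    if len(candidate) < MIN_LENGTH:          # length counted in characters, not bytes
        problems.append(MSG_TOO_SHORT)
    if password_matches(account, candidate):
        problems.append(MSG_REUSED)
    return problems


def set_password(account: Account, candidate: str) -> bool:
    """Apply the policy; on success record a new salted hash and trim old history."""
    if check_new_password(account, candidate):
        return False
    salt = secrets.token_bytes(16)
    account.history.append((salt, _derive(candidate, salt)))
    # Keep only the most recent HISTORY_SIZE entries so the reuse window is bounded.
    del account.history[:-HISTORY_SIZE]
    return True


if __name__ == "__main__":
    acct = Account()
    print(set_password(acct, "correct horse battery"))   # True: accepted
    print(set_password(acct, "correct horse battery"))   # False: reuse rejected
    print(check_new_password(acct, "abc"))               # too short
    print(check_new_password(acct, "alllowercase"))      # accepted: no complexity rule
```

Because only salted, iterated digests are kept, the reuse check costs one PBKDF2 derivation per history entry; the bounded `HISTORY_SIZE` keeps that predictable and also means a password older than the window is no longer rejected.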
Identify unwanted applications or services using a non-standard port, or detect when an allowed protocol is being abused. MedStack has network-based firewalls enabled and configured for all customer virtual networks and servers.
- DDoS protection
- IP spoofing protection
MedStack has host-based firewalls enabled and configured for all customer virtual networks and servers.
- Real-time IDS/FIM system
- Firewall (IP packet filtering rules)
Web Application Firewall (WAF)
MedStack does not have a WAF implementation. Many customers have successfully implemented ModSecurity as their WAF engine of choice.
Enabling the Most strict option for a load balancer within MedStack enforces the use of strong ciphers for TLS. This is recommended for all applications and for PCI DSS compliance.
- Hosted on leading cloud infrastructure providers (Amazon AWS and Microsoft Azure) with signed and inheritable business associate agreements
- Media destruction is handled by the cloud providers, so your data is purged or destroyed according to NIST SP 800-88, Guidelines for Media Sanitization
- We deploy using Infrastructure as Code (IaC)
- All infrastructure changes are peer reviewed and scanned for vulnerabilities
- Managed firewall and load balancer
- Encryption for all data at rest
- Self-service maintenance tools
- All code is peer reviewed before it is merged
- Every modification is contingent upon passing an extensive test suite, and all security checks succeeding
- Our third-party libraries are scanned for vulnerabilities as part of our CI/CD pipeline
- Our development culture is one of continuous learning and sharing
- Robust information security policies and procedures
- 2FA enforced company-wide
- Background checks
- Physical security keys used where possible
- Vendor risk management
- Ongoing security education, incident response training, and awareness training
- External security assessments
- Mobile device management (MDM)
- Endpoint detection and response (EDR)