10-01-12 | Blog Post
What’s in your technical security toolkit? Each tool covers different aspects of your hosting environment and ensures server and database protection. By taking a layered approach to security, you can cover all of your bases and prevent a data breach.
At Online Tech, we’ve unveiled our IT security toolkit we recommend to any industry concerned with data confidentiality, privacy and integrity. All of the managed services are required by PCI DSS (Payment Card Industry Data Security Standard) for organizations that accept, transmit or process credit cardholder data, and they are highly recommended for HIPAA (Health Insurance Portability and Accountability Act)/HITECH (Health Information Technology for Economic and Clinical Health); organizations that deal with protected/patient health information.
Click on each to learn more:
Technical Security Services |
|
|---|---|
 |
Daily Log Review While some PCI hosting providers may offer logging (tracking user activity, transporting and storing log events), Online Tech provides the complete logging experience with daily log review, analysis, and monthly reporting. |
|
File Integrity Monitoring (FIM) Monitoring your files and systems provides valuable insight into your technical environment and provides an additional layer of data security. File integrity monitoring (FIM) is a service that can monitor any changes made to your files. |
|
Web Application Firewall (WAF) Protect your web servers and databases from malicious online attacks by investing in a web application firewall (WAF). A network firewall’s open port allows Internet traffic to access your websites, but it can also open up servers to potential application attacks (database commands to delete or extract data are sent through a web application to the backend database) and other malicious attacks. |
|
Two-Factor Authentication Online Tech offers two-factor authentication for VPN (Virtual Private Network) access as an optimal security measure to protect against online fraud and unauthorized access for clients that connect to their networks from a remote location. |
|
Vulnerability Scanning Vulnerability scanning checks your firewalls, networks and open ports. It is a web application that can detect outdated versions of software, web applications that aren’t securely coded, or misconfigured networks. If you need to meet PCI compliance, you need to run vulnerability scans and produce a report quarterly. |
|
Patch Management Why is patch management so important? If your servers aren’t updated and managed properly, your data and applications are left vulnerable to hackers, identity thieves and other malicious attacks against your systems. |
|
Antivirus Antivirus software can detect and remove malware in order to protect your data from malicious attacks. Significantly reduce your risks of data theft or unauthorized access by investing in a simple and effective solution for optimal server protection. |
|
SSL Certificate In order to safely transmit information online, a SSL (Secure Sockets Layer) certificate provides the encryption of sensitive data, including financial and healthcare. A SSL certificate verifies the identity of a website, allowing web browsers to display a secure website. |
Technical security is just one aspect of a complete security solution – the physical security of your hosting environment and administrative security (policies, contracts, and staff training) allow for ultimate security. Read more about our Physical Security and Administrative Security.
Not sure what the PCI requirements, or HIPAA hosting requirements are? Download and read our PCI Compliant Hosting white paper, or our HIPAA Compliant Hosting white paper.
