Security Services

What Is Security Services?

Data security refers to the process of protecting data from unauthorized access and data corruption throughout its lifecycle. Data security includes data encryption, hashing, tokenization, and key management practices that protect data across all applications and platforms.

security

Benefits Of Security?

identity and access

Identity and Access Management authorizes individuals with specific actions on specific resources, with full control and visibility to centrally manage cloud resources

role based control

Role-Based Access Control is used at different levels of control for providing access to various types of infrastructure resources at the account, sub-account, or resource level

user

Enables users to search, control access, and do bulk actions on a set of resources based on the tag

limit resource

Limit which resources are available and when, based on specific criteria defined by the organization

audit trail

Show-back / Chargeback Audit trails allow infrastructure usage costs to be allocated to departments, business units, or individual users​

resource define

When IAM and RBAC are utilized and resources are logically defined, a unified view of permissions and security policies becomes available to IT administrators

Importance of Data Security

  • Data accessed exclusively for developing and operating the services and as required by client. Access to customer production environment is provided to users only when a specific business need arises
  • Development is performed maintaining privacy and security of data at all levels
  • Business sensitive data is always encrypted
  • Secured development and deployment of automation processes
  • Code review to ensure security protocols
  • Developers by default are given only UAT / Development environment access
  • Configuration files with passwords are encrypted
  • Any data that we store is only for transitive purposes and during that time it is encrypted
  • Change Management follows proper documentation and change controls
  • Data files generated during process run, are deleted after completion
  • Notifications containing confidential info or demographic info are sent thru Secured Email providers
  • Sensitive information access is limited to only required team members

Cyret Offerings & Expertise

Over a period Cyret has delivered best on customer expectations for security enabled deployments to ensure clients can leverage all possibilities without any threat. Sample scenario below for access configuration

Platform Security / HIPAA Compliance

  • Automation server uses token-based system for authentication
  • Automation server uses AES 256-bit encryption for sensitive data and all passwords if required to be stored are stored as hash to further strengthen the security
  • All communication between automation server and other components are done over https using TLS 1.2 protocol. In addition to sending data over TLS 1.2, the data sent to other components is also encrypted using AES 128-bit encryption
  • Requested patient info sent as secured email to intended recipients by automation process
  • All sensitive demographics data is stored (if required to be stored) as encrypted with AES 128-bit encryption in the database server on oracle cloud