The organization has established boundary defenses, utilizing a mix of hardware and software-based solutions such as firewalls, intrusion prevention systems (IPS), intrusion detection systems (IDS), and additional network security devices. These boundary defenses help prevent unauthorized access, data exfiltration, and other malicious activities by monitoring both incoming and outgoing network traffic and enforcing security policies and access controls.
The organization has established a capacity management process to assess and maintain the required resources for current systems, applications, and infrastructure. This process ensures availability during peak usage and spikes and assists in forecasting budgets as the organization scales. By proactively managing capacity, the organization can optimize performance, minimize downtime, and plan for future growth.
The organization has implemented a Cloud and Network Security Policy outlining procedures and best practices for managing, monitoring, and maintaining network security. This policy encompasses regular vulnerability scans, security audits, user access control and authentication, network segmentation, firewall management, and incident response planning. The Cloud and Network Security Policy is regularly reviewed and updated to ensure continued effectiveness and adaptation to evolving threats and changes in the organization’s network infrastructure.
The organization has deployed filtering measures, including content filtering, to prevent access to malicious or unauthorized websites and content. These measures help to reduce the risk of security breaches, data leaks, and exposure to inappropriate content. By actively managing and enforcing content filtering policies, the organization maintains a secure and compliant online environment for its users.
The organization has deployed intrusion detection and prevention security measures to continuously monitor network traffic and identify and prevent unauthorized access, misuse, modification, or denial of resources and data. By detecting potential security threats and attacks in real time, these measures alert the organization so that it can take immediate action to prevent or mitigate the impact of such incidents.
The organization has implemented logging and monitoring processes, including using tools to track and record activity on its information systems and networks. The purpose of this control is to detect and respond to security incidents, maintain system performance and availability, and ensure compliance with legal and regulatory requirements. The control encompasses defining the events to monitor, configuring logging and monitoring tools, analyzing logs and alerts, and taking appropriate actions based on the findings. Regular testing and review of the logging and monitoring process are essential for maintaining its effectiveness and ensuring continuous protection.
The organization implements network and cloud segregation to isolate workloads, such as individual applications, data of different sensitivity levels, and testing environments, into separate segments. This practice reduces the risk of unauthorized access or data breaches. Segregation involves creating distinct zones within the cloud infrastructure, each with its own security controls and access policies. By segregating environments, the organization enhances its overall security posture and limits potential damage in the event of a security incident.
The organization utilizes Network Time Protocol (NTP) to synchronize the time and date across devices and systems within its infrastructure. Maintaining accurate and consistent timekeeping is essential for various functions, including log management, incident response, authentication mechanisms, and other time-sensitive processes. By implementing NTP, the organization ensures that all devices and systems operate in unison, which helps facilitate efficient and effective monitoring, analysis, and troubleshooting of potential security incidents and other time-dependent activities.
The organization has established a Security Operations Center (SOC) facility or team responsible for monitoring, detecting, and responding to security incidents or events within the organization’s information technology infrastructure. The SOC helps mitigate security threats and vulnerabilities while ensuring compliance with security policies and regulations. Utilizing a combination of technologies and processes, such as security information and event management (SIEM) systems, intrusion detection systems (IDS), and incident response playbooks, the SOC team effectively detects and responds to security incidents, thereby enhancing the organization’s overall security posture.