In order to preserve the integrity of data that Cloudticity stores, processes, or transmits for customers, Cloudticity implements strong intrusion detection and prevention tools and policies to proactively track and retroactively investigate unauthorized access. Cloudticity currently utilizes Trend Micro Deep Security (TMDS) to track file system integrity, monitor log data, detect rootkit access, provide intrusion detection and prevention, and provide anti-malware security.
- 09.ab - Monitoring System Use
- 06.e - Prevention of Misuse of Information
- 10.h - Control of Operational Software
- 164.312(b) - Audit Controls
- TMDS is used to monitor and correlate log data from different systems on an ongoing basis. Reports generated by TMDS are reviewed by the Security Officer on a quarterly basis.
- TMDS generates Zendesk tickets to analyze and investigate suspicious activity or suspected violations.
- TMDS monitors file system integrity and creates real time alerts, via Zendesk tickets, when suspicious changes are made to the file system.
- Automatic monitoring is done to identify patterns that might signify the lack of availability of certain services and systems (DoS attacks).
- Cloudticity firewalls monitor all incoming traffic to detect potential denial of service attacks. Suspected attack sources are blocked automatically. Additionally, our hosting provider actively monitors its network to detect denial of services attacks.
- All new firewall rules and configuration changes are tested before being pushed into production. All firewall and security group rules are reviewed every quarter.