Technical security like encryption, two-factor authentication, and intrusion protection are core safeguards of sensitive data. It's important that the application of security technologies falls within the context of a strategic approach to security that includes administrative and physical safeguards. Technical safeguards are not one-size fits all. We will work with you to fit the right combination of security technologies to suit your tolerance for risk, compliance obligations, and resource demands.
The technical safeguards below are all required to meet PCI DSS compliance, and are highly recommended for a strong security posture that will lower your risk of data loss and help you satisfy many other compliance safeguards such as HIPAA, SOC 2, and Safe Harbor.
Daily Log Review While some providers may offer logging (tracking user activity, transporting and storing log events), Online Tech provides the complete logging experience with daily log review, analysis, and monthly reporting.
File Integrity Monitoring (FIM) Monitoring your files and systems provides valuable insight into your technical environment and provides an additional layer of data security. File integrity monitoring (FIM) is a service that can monitor any changes made to your files.
Web Application Firewall (WAF) Protect your web servers and databases from malicious online attacks by investing in a web application firewall (WAF). A network firewall’s open port allows Internet traffic to access your websites, but it can also open up servers to potential application attacks (database commands to delete or extract data are sent through a web application to the backend database) and other malicious attacks.
Two-Factor Authentication Online Tech offers two-factor authentication for VPN (Virtual Private Network) access as an optimal security measure to protect against online fraud and unauthorized access for clients that connect to their networks from a remote location.
Vulnerability Scanning Vulnerability scanning checks your firewalls, networks and open ports. It is a web application that can detect outdated versions of software, web applications that aren’t securely coded, or misconfigured networks. If you need to meet PCI compliance, you need to run vulnerability scans and produce a report quarterly.
Patch Management Why is patch management so important? If your servers aren’t updated and managed properly, your data and applications are left vulnerable to hackers, identity thieves and other malicious attacks against your systems.
Antivirus Antivirus software can detect and remove malware in order to protect your data from malicious attacks. Significantly reduce your risks of data theft or unauthorized access by investing in a simple and effective solution for optimal server protection.
SSL Certificate In order to safely transmit information online, a SSL (Secure Sockets Layer) certificate provides the encryption of sensitive data, including financial and healthcare. A SSL certificate verifies the identity of a website, allowing web browsers to display a secure website.
Encryption Encryption takes plaintext (your data) and encodes it into unreadable, scrambled text using algorithms that render it unreadable unless a cryptographic key is used to convert it. Encryption ensures data security and integrity even if accessed by an unauthorized user.