Writing as of March 2020, one cannot avoid the news about the coronavirus (and resulting COVID-19 disease) and its global reach. The pandemic has reinvigorated the public conversation around personal hygiene and how to minimize exposure to illness. Personal hygiene recommendations include better handwashing, minimize face touching, and cleaning surfaces that are used by numerous individuals.
Coronovius has also shed light on outbreaks of a different kind, including cyber outbreaks. Just as human health requires good personal hygiene, cyber attacks can be mitigated through good cyber hygiene. And while no system (biological or otherwise) is immune from attack, best practices can improve one’s chances of good health.
At Casepoint our cyber hygiene philosophy comes in a multi-layered approach. And while it would be ill advised to share specifics, we believe it is important to share how we approach cyber hygiene across the company. Feel free to use this list to shape your discussions with other technology providers.
Casepoint’s Approach to Cyber Hygiene:
- Casepoint has regular, company-wide security training for all employees with formal testing, scoring, and remediation
- Casepoint has regular security drills across the company (fake phishing attacks, vulnerability assessment & penetration testing, etc)
- Casepoint requires multi-factor authentication for all users internal and external
- Casepoint only allows access to servers via secured terminals and authorized credentials
- Casepoint data storage is compartmentalized and internet endpoints are minimized
- Casepoint processing servers do not have access to the internet
- Casepoint data centers has achieved a SOC 2 Type II attestation and ISO 27001:2013 certification
- Casepoint as a company is SOC 2 Type II attestation and ISO 27001:2013 certification (most companies do not go to this length for security and try to rely on the security qualifications of their data center)
- Casepoint has a strong business continuity, incident response, and disaster recovery policies & procedures
For an infographic explaining the levels of security needed for a fully secure solution check out the next blog post, Secure eDiscovery from A to W. For more information on Casepoint’s certifications click below to read the Casepoint Security Brief. Alternatively, schedule a commitment-free demo or question/answer session on your security concerns with us.