Security is our #1 priority.
We ensure the confidentiality and integrity of your data with industry best practices. Easocare hosts service data in AWS data centers that have been certified as ISO 27001, PCI/DSS Service Provider Level 1, and/or SOC 2 compliant. We also take steps to securely develop and test against security threats to ensure the safety of our customer data. In addition, Easocare employs third-party security experts to perform detailed penetration tests on our applications. Our app is 100% HIPAA compliant. Your data remains your data, and we have no control over it.
|Facilities||Easocare hosts service data in AWS data centers that have been certified as ISO 27001, PCI/DSS Service Provider Level 1, and/or SOC II compliant. AWS infrastructure services include back-up power, HVAC systems, and fire suppression equipment to help protect servers and ultimately your data.|
|On-site Security||AWS on-site security includes a number of features such as security guards, fencing, security feeds, intrusion detection technology, and other security measures. Learn more about AWS physical security.|
|Monitoring||All Production Network systems, networked devices, and circuits are constantly monitored and logically administered by Easocare staff. Physical security, power, and internet connectivity are monitored by AWS.|
|Location||Easocare leverages AWS data centers in Asia, Northern Virginia & Europe|
|Dedicated Security Team||Our globally distributed Security Team is on call 24/7 to respond to security alerts and events.|
|Protection||Our network is protected through the use of key AWS security services, integration with our Cloudfront edge protection networks, regular audits, and network intelligence technologies which monitor and/or block malicious traffic and network attacks.|
|Architecture||Our network security architecture consists of multiple security zones. More sensitive systems, like database servers, are protected in our most trusted zones. Other systems are housed in zones commensurate with their sensitivity, depending on function, information classification, and risk. Depending on the zone, additional security monitoring and access controls will apply. DMZs are utilized between the Internet, and internally between the different zones of trust.|
|Network Vulnerability Scanning||Network security scanning gives us deep insight for quick identification of out-of-compliance or potentially vulnerable systems.|
|Security Incident Event Management (SIEM)||Our Security Incident Event Management (SIEM) system gathers extensive logs from important network devices and host systems. The SIEM alerts on triggers which notify the Security team based on correlated events for investigation and response.|
|Intrusion Detection and Prevention||Service ingress and egress points are instrumented and monitored to detect anomalous behavior. These systems are configured to generate alerts when incidents and values exceed predetermined thresholds and use regularly updated signatures based on new threats. This includes 24/7 system monitoring.|
|DDoS Mitigation||Easocare has architected a multi-layer approach to DDoS mitigation. A core technology partnership with Cloudflare provides network edge defenses, while the use of AWS scaling and protection tools provides deeper protection along with our use of AWS DDoS-specific services.|
|Logical Access||Access to the Easocare Production Network is restricted on an explicit need-to-know basis, utilizes least privilege, is frequently audited and monitored, and is controlled by our Operations Team. Employees accessing the Easocare Production Network are required to use multiple factors of authentication.|
|Security Incident Response||In case of a system alert, events are escalated to our 24/7 teams providing Operations, Network Engineering, and Security coverage. Employees are trained on security incident response processes, including communication channels and escalation paths.|
|Encryption in Transit||Communications between you and Easocare servers are encrypted via industry best-practice HTTPS and Transport Layer Security (TLS) over public networks. TLS is also supported for encryption of emails.|
|Encryption at Rest||Customers of Easocare benefit from the protections of encryption at rest for their data. Service Data is encrypted at rest in AWS using AES 256 key encryption.|
|Availability & continuity|
|Redundancy||Easocare employs service clustering and network redundancies to eliminate single points of failure. Our strict backup regime and/or our Enhanced Disaster Recovery service offering allows us to deliver a high level of service availability, as Service Data is replicated across availability zones.|
|Disaster Recovery||Our Disaster Recovery (DR) program ensures that our services remain available or are easily recoverable in the case of a disaster. This is accomplished through building a robust technical environment, creating Disaster Recovery plans, and testing activities.|
|Enhanced Disaster Recovery||The Enhanced Disaster Recovery package adds contractual objectives for Recovery Time Objective (RTO) and Recovery Point Objective (RPO). These are supported through our capability to prioritize operations of Enhanced Disaster Recovery customers during any declared disaster event.|