The INetU Managed Security Suite
Security Solutions Powered By The Complex Hosting Experts.
The INetU Managed Security Suite was designed to give you the protection that your site needs while helping you meet compliance and regulatory requirements such as PCI and HIPAA.
Our Security Suite works across all types of environments including Dedicated Servers, Private Clouds, our Public Cloud, and even Hybrid Clouds. You’ll have just one suite of products and one portal to manage them through no matter how complex your environment is.
The Security Suite is designed to be used together to provide you multiple layers of defense against attackers. This is a concept known as "Defense in Depth" - even if an attacker manages to get through one layer, there are still several more layers of defense to keep your data and applications safe.
Security Operations Center.
Sensitive data and complex hosting often go hand in hand. That’s why INetU formed our Security Operations Center (SOC). As leaders in hosting solutions with compliance requirements, we’ve assembled a team of experts with industry relevant certifications (such as CISSP and CISA) to engineer, implement, and maintain our security services around the clock.
The SOC also keeps a watchful eye on the security of your companies hosting environment, analyzing and responding to data and alerts from the INetU Security Suite.
Audits and assessments are a part of doing business when you handle sensitive data. Our SOC is experienced with working with auditors to ensure they get the information that they need in order to be comfortable that your data is hosted in a secure environment. We undergo our own audits for compliance programs such as PCI-DSS, SSAE 16 Type II, and SOC3 Security.
Application Traffic Firewall.
Your web application is your server's front door. It needs to be accessible, and that opens you to a wide variety of attackers who want nothing more than to steal your data. An Application Traffic Firewall (also known as a Web Application Firewall or WAF) is an extra layer of defense that watches every request to your application as well as every response watching for signs of potential attackers. Powered by the Imperva Web Application Firewall technology, the INetU Application Traffic Firewall stops many web application attacks in their tracks, including common attacks such as SQL injection and cross-site scripting (XSS). In addition to watching for malicious traffic, known malicious IP addresses are blocked automatically thanks to Imperva ThreatRadar technology.
You can rest well at night knowing that the INetU Security Operations Center is watching for any signs of unusual activity on your protected site. In addition, Imperva's Application Defense Center (ADC) is constantly researching new attacks and vulnerabilities on the Internet and working to improve the WAF's ability to protect you from them.
Link: Learn more about our Web Application Firewall.
Our Application Traffic Firewall solution meets the requirements set forth in PCI DSS Section 6.6 and is a component of the implied requirement of Security Best Practices under HIPAA 164.306(a).
Dual Factor Authentication.
Your data is only as secure as the access control around it. That's why it's so important to use strong passwords. Dual Factor Authentication takes this one step further and requires you to enter a code from a physical device in your possession in order to access your systems and Client Center at INetU. Our dual factor authentication service is available as either a USB key or an app for your smartphone so that all users can take advantage of this important security enhancement.
Our dual factor authentication meets the requirements set forth in PCI DSS Section 8.3 and is a component of the requirements of HIPAA §164.312(d).
Link: Read more about PCI/HIPAA compliance at INetU.
Log Monitoring & Review.
With INetU, log monitoring and review collects detailed log information from the servers and devices in your environment. These logs can be essential for detecting attempted security breaches, misused accounts, and even non-security related problems. We aggregate all of this data into our easy to use Client Center and retain this data for 12 months. Most importantly, our team of security experts reviews your logs daily to catch anything that looks out of the ordinary, and to assist you in meeting your compliance obligations.
Our SIEM solution meets the requirements set forth in PCI DSS section 10.6 and is a component of the requirements of HIPAA
Link: Read more about PCI/HIPAA compliance at INetU.
File Integrity Monitoring.
File Integrity Monitoring (FIM) ensures that you know if critical system or application files are replaced or modified. It's an extra layer of defense to ensure that you know quickly if your system has been compromised.
Our FIM solution meets the requirements set forth in PCI DSS section 11.5.
Firewalls & VPNs.
Every solution at INetU is protected by a firewall with SSL VPN capability to allow remote users to administer servers seamlessly while protecting your environment by locking down remote access to authorized individuals.
Our firewall solution meets the requirements set forth in PCI DSS sections 1.1.3, 1.14, and 1.3.6. It's also a component of the implied requirement of Security Best Practices under HIPAA 164.306(a).
Intrusion Detection System (IDS) / Intrusion Prevention System (IPS).
An Intrusion Detection System watches the traffic coming in and out of your environment for signs of an attack, notifying both you and us the moment it sees anything out of the ordinary. An Intrusion Prevention System takes that one step further and stops the potential attack in its tracks.
Our IDS/IPS solution meets the requirements set forth in PCI DSS Section 11.4.
You'd rather find out about a potential weakness before an attacker exploits it. That's why vulnerability scanning is a critical component of your environment. We provide two types of vulnerability scanning - internal and external. External vulnerability scanning attempts to find weaknesses from the public internet. Internal vulnerability scanning looks for potential weaknesses from inside your firewall to ensure that everything is secure even if an attacker manages to find a way into your environment.
Our vulnerability scanning solution meets the requirements set forth in PCI DSS Sections 11.2.1, 11.2.2, and 11.2.3.