12-03-13 | Blog Post
Online Tech likes to refer to itself as the Fort Knox for data. We love to hear clients’ stories to support that claim. And we really love to hear when our services help clients impress their own prospective customers.
We heard one of those stories Monday during a telephone conversation with DocView Solutions chief technical officer Daniel LeRiche. While chatting about the upcoming 2013 mHealth Summit in Washington D.C. (more information on that topic coming soon), LeRiche shared an experience he had with a potential client of DocView’s mobile app, which allows healthcare providers to interact with critical care patients.
A healthcare provider performed penetration testing on DocView’s system – which is hosted on Online Tech’s encrypted cloud – and our firewall intrusion detection system did such a good job that it shut down access to the test. The client needed to complete the testing, so LeRiche had to ask Online Tech’s staff to shut down the firewall so the proper reports could be completed.
The intent of a penetration test is to simulate a real-world attack situation with a goal of identifying how far an attacker would be able to penetrate into an environment. The potential DocView client learned emphatically that its HIPAA-sensitive data would be safe with DocView and Online Tech.
Every Online Tech cloud uses high-performance EMC VMAX SANs to encrypt data at rest with no impact on performance. Our suite of security tools includes daily log review, two-factor authentication, file integrity monitoring, web application firewalls and more.
“It helps make my case,” LeRiche said. “We’re a small software vendor, an emerging company without a long track history. Working with Online Tech, we immediately have credibility.”
Healthcare Security Vulnerabilities
Adam Goslin of High Bit Security – which performs penetration testing – led an Online Tech ‘Tuesdays at 2’ webinar that reviewed several real healthcare-related security engagements, provided an overview of the IT Security world today, provided insight into the hacking community, discussed several proactive methodologies for mitigation of security vulnerabilities and explained the shortcomings of some security testing methodologies.