Project Hosts announces HITRUST CSF Certification in recent Press Release

November 9, 2017

Project Hosts continues to lead the industry in security compliance by adding a HITRUST CSF Certification. Healthcare professionals can now place their workloads and data in Project Hosts’ A6 environment on Microsoft Azure, giving them HIPAA/HITRUST Compliance at the SaaS level. “With a HITRUST CSF-Certification, Project Hosts’ A6 Security Envelope provides an ideal Azure environment for Healthcare Providers and ISVs in need of a fully attested cloud platform,” said Hector Rodriguez, Director, Worldwide Healthcare at Microsoft Corp.

HITRUST CSF-Certification is the healthcare industry’s most widely recognized security accreditation. HITRUST incorporates a wide range of healthcare specific security, privacy and regulatory requirements from existing regulations such as HIPAA/HITECH, PCI, ISO 27001 and MARS-E as well as industry best practices.

Click here for the full article.

 

 

 


Project Hosts’ FedRAMP Cloud Received Another Agency ATO from Sites.USA.Gov

November 2, 2017

FedRAMP_CloudThis week, Project Hosts’ FedRAMP SaaS-compliant Federal Private Cloud was granted an agency Authority to Operate (ATO) by Sites.USA.Gov. With this ATO, US Federal and State Government agencies have the added assurance that another agency has reviewed Project Hosts’ Federal Private Cloud and determined that it meets the regulatory and legislative requirements mandated by FISMA and FedRAMP.

A security controls assessment of the sites.usa.gov environment has been conducted at the Federal Information Processing Standards (FIPS) 199 Low Impact level in accordance with National Institute of Standards and Technology (NIST) Special Publication 800-37 Revision 1, “Guide for Applying the Risk Management Framework to Federal Information Systems”, and the General Services Administration (GSA) IT Security Procedural Guide CIO-IT Security-06-30, “Managing Enterprise Risk”.

Brent_ManagedServicesFR_SignThe system has been assessed by Valiant Solutions using the assessment methods and procedures required by the system’s assessment process as described in CIO-IT Security-6-30 to determine the level of risk associated with operating the system and the effectiveness of the system’s security controls in satisfying the security requirements of the system. A Plan of Action and Milestones (POA&M) has been developed describing the corrective measures implemented or planned to address any deficiencies in the security controls for the information system and to reduce or eliminate known vulnerabilities.

Based on the level of risk described in the results of sites.usa.gov’s security assessment and the planned actions in its POA&M, I recommend authorization of the sites.usa.gov information system.

Click here for more information about FedRAMP SaaS Compliant Solutions.

Secure Azure Services

Share Point FedRAMP Cloud

CRM FedRAMP Cloud

PPM FedRAMP Cloud

Azure Managed Services


Project Hosts is at the Microsoft US Digital Transformation Academy, Announcing HITRUST CSF Certification on Azure

October 24, 2017

AzureSecurityContainer3On October 9th, Project Hosts and the ISMScloud were on display at the INFOSEC/27K Summit in Washington DC. The following week, Project Hosts shared their FedRAMP Cloud at the Government Cloud Conference, also in Washington DC. This week, the team is in Las Vegas for Microsoft’s US Digital Transformation Academy Booth# 402, sharing the news of Project Hosts’ Security Envelope on Microsoft Azure gaining HITRUST CSF Certification status.

IMG_4790

The HITRUST CSF Certified Status, Project Hosts’ meets key healthcare regulations and requirements for securing sensitive private healthcare information, applications and workloads deployed in Project Hosts’ A6 Security Envelope.

“With a HITRUST CSF Certification, Project Hosts’ A6 Security Envelope provides an ideal Azure environment for Healthcare Providers and ISVs in need of a fully attested cloud platform,” said Hector Rodriguez, Director, Microsoft Worldwide Healthcare at Microsoft Corp. “Project Hosts extends HITRUST CSF certification to the SaaS-level so that organizations can secure ePHI and implement cloud solutions without incurring the effort and expense typically required to design, implement, document and audit the application-level security controls required for full regulatory compliance.”

HIPAA/HITRUST Compliant Clouds

Secure Azure Services

Secure SharePoint on Azure

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services

 

 


Data Auditing and eDiscovery Services for Healthcare, made Available through Project Hosts and Netmail in HIPAA/HITRUST Compliant Azure Cloud

September 26, 2017

gI_85968_Netmail-ProjectHosts-200x200Netmail, Inc. and Project Hosts, Inc. announced today that they have teamed up to deliver Netmail’s Hadron Data Auditing and eDiscovery services to healthcare organizations as an on-demand service from a HIPAA/HITRUST compliant Azure Cloud.  Now, organizations with sensitive information that must comply with Federal, State and other international privacy regulations such as European Community GDPR and Canada’s PIPEDA, can perform searches for audits from a compliant cloud. Netmail Hadron allows investigations and eDiscovery on file systems, email archives, SharePoint, SharePoint O365, and file sharing solutions such as Box, Egnyte, and Citrix ShareFile.

As American healthcare organizations are required to meet HIPAA regulations, they may be required to perform regular audits to find confidential information such as PHI, PCI, and PII. When these organizations start moving to the cloud, having broad visibility into that data on the cloud and on-premises becomes increasingly difficult. Netmail Hadron provides a secure data auditing solution that will enable healthcare organizations to easily identify and view all of their sensitive data, no matter where it is located before and after migrating this data to the cloud.

AzureSecurityContainer3

“Project Hosts provides Azure security containers that, together with supporting policies and procedures, implement controls related to access, authentication, encryption, auditing, business continuity, change management, incident response, privacy, annual assessment and other areas required for compliance with leading standards, including HIPAA, HITRUST, IS0 27001, and FedRAMP,” said Scott Chapman, CEO and Co-founder of Project Hosts, Inc. “When ISVs or healthcare entities choose to deploy their applications in these containers, they inherit compliance with those standards, allowing them to deliver compliant cloud solutions to their customers.”

Netmail will be demo-ing their Hadron solution in a HIPAA/HITRUST Azure Cloud at the Microsoft Ignite #MSIgnite conference in Orlando, FL, September 25-29, in booth #1244.

 


Securing your Azure Cloud for Healthcare

September 21, 2017

Healthcare organizations are finding it more cost-effective to garner the services of a reputable Cloud Service Provider (CSP) to manage their Azure cloud. Whether the need is to provide managed services for their Azure cloud subscription, or a need to deploy, host and manage the solution over it’s lifespan using the CSP’s subscription, there is peace of mind that their cloud is compliant and secure.

Azure’s IaaS or PaaS cloud platform allows you to quickly create a Windows or Linux server environment with minimal effort and trust that the infrastructure (servers/storage/network) and platform (operating system/database) elements will be available 24×7. But once servers are spun up, application management services are still needed. Project Hosts’ Azure Managed Services with Extended Security fill the current gap that many enterprises and government agencies have in managing critical elements of their Azure deployments:

    Azure Security Management

    Continuous Monitoring & Performance Optimization

    Applications Access & Management,  User Support

Our cloud security experts have the expertise and compliance competency for today’s most rigorous cloud security standards including ISO 27001, NIST 800-53, HIPAA / HITRUST, FedRAMP Moderate, High,  and DoD CC SRG IL4/5.

Note: Government security standards such as FedRAMP/DoD are only available in a Project Hosts’ subscription.

HIPAA/HITRUST Compliant Clouds

Secure Azure Services

Secure SharePoint on Azure

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services

 


Understanding the Cloud Migration Roadmap

September 11, 2017

Migration_Art_101Cloud migration can be a daunting task. What are the necessary steps to ease your transition from on-premises to the cloud?

First, you want to decide which applications and workloads you will be migrating. Many factors must be considered before deciding which on-premises applications should be moved to the cloud when considering cloud migration. Here are some general guidelines that we typically encounter in working with healthcare providers. Cloud migration should be considered under the following circumstances:

  • Applications that are not ISO 27001, HIPAA or HITRUST compliant , yet need to be
  • Customer-facing web-or-mobile applications that are operational of in-develpment
  • Applications and OS/database platforms* that are several revisions back and are scheduled for larger scale upgrades (Such as Windows Server/SQL Server or Linux/My SQL)
  • Any on-premises infrastructure that is: limiting application performance, cannot scale up or down as needed, lacks adequate storage, or cannot meet disaster recovery or business continuity needs
  • Any on-premises application/solution which requires additional integration with external PHI/EHR system in a secure manner (i.e. hybrid-cloud solutions)
  • Workloads that can be more efficiently and economically managed in a cloud platform such as backup, date archiving or disaster recovery

Ashley_HIPAAHaving a Complete Migration Plan helps to organize the migration by outlining all aspects of the move, including OS’s, databases, applications and their associated upgrades, licensing considerations, security aspects and pricing. After a pre-migration audit, Project Hosts can create a new HIPAA/HITRUST compliant Azure Cloud in either your subscription, or our own, with the most up-to-date databases and applications, and migrate your data, workloads and configuration settings for you.

For more information about Cloud Migration, contact Project Hosts today.

 

HIPAA/HITRUST Compliant Clouds

Secure Azure Services

Secure SharePoint on Azure

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services


The Healthcare Industry is Migrating to the Cloud with the help of Microsoft’s Azure Security Containers

August 31, 2017

More healthcare providers are migrating to the cloud to cut costs and increase security through measurable compliance, but many are having trouble deciding where to start. Fortunately for, there are well respected industry leaders, such as Microsoft, who have developed solutions for healthcare’s cloud computing needs. Microsoft  now offers Azure Security Containers for Healthcare companies and ISVs who need to ensure their cloud apps and workloads are fully compliant with regulatory standards at the software and data level. CSPs, like Project Hosts are providing complete migration plans and  Azure Managed Services, giving healthcare providers and ISVs a one-stop solution to their migration needs.

Azure Security Containers

The Azure Security Container enables Healthcare providers to move their on-premises apps and workloads into the cloud with full HIPAA/HITRUST compliance, quickly, cleanly and affordably. This is achieved through Project Hosts’ Complete Migration Process, Managed Security Services, and Compliance Documentation and Management.

The HIPAA/HITRUST Azure Security Container offers a complete, ready-to-run environment that includes:

  • Azure Security Services – A turnkey Azure environment that ensures that any Windows or Linux apps deployed are fully compliant with ISO 27001, HIPAA and HITRUST security standards at the software (SaaS) level. Elements of this include: HIPAA/HITRUST Security Compliance, Azure Applications and Access Management Services, Azure Performance Management Services, and Documentation and Compliance Management.
  • Backup and Archiving Services – Leverage Azure services and third party tools to provide archiving for Office 365 email – a necessity for security and eDiscovery requirements.
  • Disaster Recovery Services – Advanced Disaster Recovery for on-premises solutions that support the recovery of secured data and applications when an customer on-premises outage happens at their primary datacenter.
  • Compliance Management Tools / Services – For healthcare providers managing their own Azure subscriptions, the ISMScloud.com provides a secure, online application to help manage and document the process of gaining your HIPAA/HITRUST compliance.

Azure Security Management

Project Hosts’ Azure Security Management services include implementing and managing the following:

  • HIPAA Security Controls (as defined by NIST 800-66)
  • HiTRUST Security Controls (as defined by HiTRUST CSF-certification)
  • Azure subnets with their NSG “firewall” access controls
  • An Active Directory Domain to manage servers and group policy
  • Web Application Proxy (WAP) servers as the controlled front door to the Deployment
  • McAfee Host Intrusion Prevention System (HIPS) on every server, and EndPoint Protection centrally managed by ePolicy Orchestrator

HIPAA/HITRUST Compliant Clouds

Secure Azure Services

Secure SharePoint on Azure

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services


%d bloggers like this: