Securing your Azure Cloud for Healthcare

September 21, 2017

Healthcare organizations are finding it more cost-effective to garner the services of a reputable Cloud Service Provider (CSP) to manage their Azure cloud. Whether the need is to provide managed services for their Azure cloud subscription, or a need to deploy, host and manage the solution over it’s lifespan using the CSP’s subscription, there is peace of mind that their cloud is compliant and secure.

Azure’s IaaS or PaaS cloud platform allows you to quickly create a Windows or Linux server environment with minimal effort and trust that the infrastructure (servers/storage/network) and platform (operating system/database) elements will be available 24×7. But once servers are spun up, application management services are still needed. Project Hosts’ Azure Managed Services with Extended Security fill the current gap that many enterprises and government agencies have in managing critical elements of their Azure deployments:

    Azure Security Management

    Continuous Monitoring & Performance Optimization

    Applications Access & Management,  User Support

Our cloud security experts have the expertise and compliance competency for today’s most rigorous cloud security standards including ISO 27001, NIST 800-53, HIPAA / HITRUST, FedRAMP Moderate, High,  and DoD CC SRG IL4/5.

Note: Government security standards such as FedRAMP/DoD are only available in a Project Hosts’ subscription.

HIPAA/HITRUST Compliant Clouds

Secure Azure Services

Secure SharePoint on Azure

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services

 


Federal CIOs, Struggle No Longer – Compliant Managed Cloud Services

July 20, 2017

In a CIO.com article titled, “5 years into the ‘cloud-first policy’ CIO’s still struggling”, Marlon Andrew, deputy CIO at the National Archives and Records Administration was quoted, saying, “The greatest challenge is not getting a contract in place, but what you find out is where those boundaries cross of who’s now responsible because you’re in a different infrastructure set-up, and what the cloud provider’s going to do versus the contract staff, versus the application support staff versus the infrastructure staff,” Andrews says. “So, that’s the greatest challenge we’re having now is defining roles and responsibilities and who’s going to do what because the world has changed as we’ve known it, and we’ve been client-server for so many years that this is truly a different environment for us.” He continues with this question, “What does the word ‘manage’ mean in a cloud environment.”

It’s a great question, and like so many questions, the answer is “it depends.”   It really depends on the type of cloud solution provider you’re working with, the types or levels of services they offer, and the amount of control they’re willing give you. When it comes to “managing,” Project Hosts offers a range of “managed services”.  From helping or assisting you in your subscription, to co-supporting an environment based on the software layer, to fully managed hosting services.  In this way, you can apply the talent and resources you have where they’re most likely most needed and valued — typically at the application layer where you’ve done custom development or configuration for your software solution. You should consider offloading things like infrastructure, server, platform and networking management to a cloud solutions provider as they can manage and monitor the environment more cost effectively than using your own staff.

In addition, some CSPs, like Project Hosts, offer advanced  management services such as security controls implementation and management to ensure compliancy with regulatory standards.  Project Hosts provides ready-to-run containers that support the necessary security controls including ISO 27001, HIPAA/HITRUST, NIST 800-53, and FedRAMP Moderate, High and DoD CC SRG IL4/5 level with full compliancy. 

So in summary, we provide the managed services to deploy, host, monitor, and maintain your subscription, ensuring ongoing trouble-free operation in a highly secured cloud. Whether you need us to provide managed services for your Azure cloud subscription, or you need us to deploy, host and manage the solution over it’s lifespan using our subscription, rest assured we will secure your cloud.

Click here for more information about FedRAMP SaaS Compliant Solutions.

Secure Azure Services

Secure SharePoint on Azure

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services


Azure Security Containers for Healthcare

May 24, 2017

container-registryProject Hosts is a Microsoft Cloud Solution Provider that manages the application-level HIPAA / HiTRUST / NIST 800-66 security controls that must be in place for healthcare companies to move their Windows and Linux Deployments into a secure Microsoft Azure Container.  Our Microsoft Azure Security Container and Managed Services include ongoing scanning, patching, log reviews, alerting, incident response, backup, DR tests, user authorization tracking, data loss prevention and more for customer developed, or ISV-based applications.

Project Hosts’ cloud security experts ensure that all HIPAA / HITRUST / NIST 800-66 security controls are implemented and documented for your deployment. Deployments are subjected to annual penetration testing and certified auditor assessments. Whether custom developed, or obtained from an independent software vendor (ISV), your software will be fully scanned, logged, and penetration tested to meet compliance standards when migrated to Azure.

Ashley_LRG_HIPAAHealthcare Client Value:

Enable you to move on-premises Windows and Linux apps into a HIPAA / HiTRUST / NIST 800-66 compliant Azure cloud quickly and cost-effectively.

Leverage our expertise in Healthcare security standards and security control methodologies to get, and maintain your certification and compliance.

Reduce your IT services and support workloads while delivering more integrated cloud offerings.

Enable you to leverage your existing on-premises software solutions into the cloud, without starting over.

Ensure the overall success and adoption of your cloud with ongoing management, monitoring, support and optimization.

Secure Azure Services

Secure SharePoint on Azure

Remote SharePoint Administrator

Azure Managed Services

 

 


Avoiding security breaches in a HIPAA Compliant Microsoft Azure Cloud Environment

March 21, 2017

Ashley_HIPAAAccording to HIPAA compliance regulations, security breaches of confidential patient data must be reported to the Office of Civil Rights (OCR). When your organization has access to Protected Health Information (PHI), it is essential that HIPAA compliance is maintained, making it less likely to experience such breaches. The act of not adhering to the HIPAA Breach Notification Rule by failing to report a breach can result in criminal charges and civil action lawsuits, severely damaging your practice or organization. Working with a compliant Cloud Service Provider (CSP) gives you peace of mind that all security controls are in place, effectively securing patient’s sensitive information from breaches.

HIPAA_ShieldBy moving your data into a Microsoft Azure cloud, your data is protected on the infrastructure and platform levels with HITRUST compliance. Working with a CSP like Project Hosts adds 200+ controls on the SaaS level, while also adding ongoing scanning, patching, log reviews, alerting, incident response, backup, DR tests, user authorization tracking, data loss prevention and more for customer developed or ISV-based applications.

A compliant CSP provides technical, physical and administrative safeguards against breaches, lowering the probability of having to ever concern yourself with the HIPAA Breach Notification Rule.

Secure Azure Services

Secure SharePoint on Azure

Remote SharePoint Administrator

Azure Managed Services


A FedRAMP Compliant Cloud offers Military Grade Data Security for the Public Sector

July 13, 2016

FedRAMP_Security_NotFedRAMP recently announced the High Security Baseline, allowing Cloud Service Providers (CSPs) to provide high-level security environments for federal agencies looking to leverage the cloud. The private sector is now seeking FedRAMP level compliance to protect and secure critical business data and assets.

Enterprise security professionals are now requiring a commercial FedRAMP compliant cloud solution that can not only protect their critical data assets but also protect:

  • Information about mid-range to long-range strategic plans
  • Information that includes IP (Intellectual Property) and researching findings
  • Information that could lead to lost sales
  • Information that could lead to financial or regulatory penalties
  • Information that could result in severe damage to the company’s value or reputation
Fedramp-managed-services

Project Hosts Federal Private Clouds

The the rise of public cloud security breaches, protecting ones critical data assets with a FedRAMP compliant cloud solution in Azure is a simple assurance of true security. Private enterprises are now defining their “information security levels” and specifying the level of security required for each of their cloud-based applications an associated data. In the same fashion that FedRAMP classifies information security levels for confidentiality, integrity and availability into “low impact,” “moderate impact,” and “high-impact,” categories, private enterprises are doing the same.

SharePoint Custom Cloud

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services

 

 


3 Reasons SharePoint Professionals, Developers and Administrators are Migrating to 2016

July 7, 2016

SharePoint2016-upgrade-programFrom our discussions with SharePoint professionals, developers, and administrators, here are the top three reasons why organizations are migrating to SharePoint 2016:

1.       Your SharePoint farm is simply… OLD!   It’s time to upgrade those antiquated 2007 and 2010 deployments to a new SharePoint 2016 platform – either SharePoint Online or SharePoint in Azure.  Even SharePoint 2013 users will gain tremendous benefits by moving to 2016.

2.       HYBRID is the new on-prem!  That’s right, the on-premises folks have realized that managing their own server farms is just too much work without reward, so they’re leveraging Azure.

3.       Apparently, SECURITY matters to a lot of people!  Especially to enterprise customers and government agencies who want to protect and secure their data assets in SharePoint.

Stock_Amanda_Brent_David_Sign_SharePointSure – there are a lot of other great reasons to migrate and upgrade, but these are the top 3 we regularly encounter.  If you have questions click on the following links to learn more about SharePoint Security, SharePoint Upgrades, and SharePoint Clouds for Government agencies  – including federal, state, and local.

Interested in moving, but don’t know where to begin – talk to us.  We’ve got the dedicated personnel, experience and flexible deployment and managed services plans to get you there quickly, and keep you up and running effortlessly. We’re Project Hosts, a leading CSP (Cloud Service Provider) with more than 13 years of experience in delivering cloud hosting and managed services for Microsoft solutions, with a specialization in SharePoint.

SharePoint Custom Cloud

Share Point FedRAMP Cloud

Azure Managed Services


New Secure Cloud Services For Azure and Hosted Microsoft Apps Protect Businesses and Employee Data

April 4, 2016

Scott-Chapman-SecureCloudServicesToday from the floor of the Microsoft 2016 Envision Conference, in the heart of New Orleans, we announced our new lineup of Secure Cloud Services for Azure and hosted Microsoft solutions. Our Secure Cloud Service offerings for Microsoft ISVs, government agencies and enterprises will help fully protect their business and employee data from unauthorized access or theft.

Our new security services are available for Azure or as a fully hosted private/hybrid cloud solution and support today’s most rigorous industry security standards including Department of Defense IL4, FedRAMP, NIST 800-53 and ISO 27001+.  If you are in New Orleans this week at Microsoft Envision stop by Project Hosts’ booth # 1725  to discuss your cloud security options.

From today’s Secure Cloud Services announcement: “With government agencies and enterprise organizations adopting cloud-based services at an unprecedented rate, never before in the history of information technology has the risk of theft and unauthorized access of business assets and employee data been so great,” said Scott Chapman, CEO and co-founder of Project Hosts, Inc. “As such, we’ve developed a new set of fully-secured cloud service offerings that protect your Microsoft cloud-based applications for Azure and in hosted environments.”

envision-booth-pic.jpg

Secure Cloud Services are available in four distinct platforms, and can be implemented in an ISV’s or customer’s Azure environment, or as private or hybrid hosted solution.  Project Hosts’ secure cloud platforms include:

  • ISO 27001 Compliant Cloud – Our ISO 27001 cloud delivers a dedicated private or hybrid cloud for commercial customers that meets the 120 security controls defined by the International Standards Organization. About ISO 27001:13: an information security standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission(IEC) under the joint ISO and IEC subcommittee.
  • NIST 800-53 Compliant Cloud – Our NIST 800-53 cloud provides an additional 141 security controls delivering a robust commercial cloud with 261 security controls. About NIST 800-53: an information security controls standard for information systemsexcept those related to national security. It is published by the National Institute of Standards and Technology.
  • FedRAMP Compliant Cloud(SaaS Level)- Our FedRAMP SaaS-Level compliant Federal Private Cloud (FPC) for Windows and Linux apps meets the GSA’s mandated ~325 security controls for federal agencies; also a popular platform for state and local agencies looking for robust cloud security. About FedRAMP:  the Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
  • DoD IL 4 Compliant Cloud – The most secure cloud platform that is expressly designed and audited for the U.S. Department of Defense — meets DISA (Defense Information Systems Agency) Level 4 standard with 369 security controls. About DISA IL 4: an extension to FedRAMP with the security controls and access designed specifically for the needs of the U.S. Department of Defense.

%d bloggers like this: