Securing your Azure Cloud for Healthcare

September 21, 2017

Healthcare organizations are finding it more cost-effective to garner the services of a reputable Cloud Service Provider (CSP) to manage their Azure cloud. Whether the need is to provide managed services for their Azure cloud subscription, or a need to deploy, host and manage the solution over it’s lifespan using the CSP’s subscription, there is peace of mind that their cloud is compliant and secure.

Azure’s IaaS or PaaS cloud platform allows you to quickly create a Windows or Linux server environment with minimal effort and trust that the infrastructure (servers/storage/network) and platform (operating system/database) elements will be available 24×7. But once servers are spun up, application management services are still needed. Project Hosts’ Azure Managed Services with Extended Security fill the current gap that many enterprises and government agencies have in managing critical elements of their Azure deployments:

    Azure Security Management

    Continuous Monitoring & Performance Optimization

    Applications Access & Management,  User Support

Our cloud security experts have the expertise and compliance competency for today’s most rigorous cloud security standards including ISO 27001, NIST 800-53, HIPAA / HITRUST, FedRAMP Moderate, High,  and DoD CC SRG IL4/5.

Note: Government security standards such as FedRAMP/DoD are only available in a Project Hosts’ subscription.

HIPAA/HITRUST Compliant Clouds

Secure Azure Services

Secure SharePoint on Azure

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services

 


Federal CIOs, Struggle No Longer – Compliant Managed Cloud Services

July 20, 2017

In a CIO.com article titled, “5 years into the ‘cloud-first policy’ CIO’s still struggling”, Marlon Andrew, deputy CIO at the National Archives and Records Administration was quoted, saying, “The greatest challenge is not getting a contract in place, but what you find out is where those boundaries cross of who’s now responsible because you’re in a different infrastructure set-up, and what the cloud provider’s going to do versus the contract staff, versus the application support staff versus the infrastructure staff,” Andrews says. “So, that’s the greatest challenge we’re having now is defining roles and responsibilities and who’s going to do what because the world has changed as we’ve known it, and we’ve been client-server for so many years that this is truly a different environment for us.” He continues with this question, “What does the word ‘manage’ mean in a cloud environment.”

It’s a great question, and like so many questions, the answer is “it depends.”   It really depends on the type of cloud solution provider you’re working with, the types or levels of services they offer, and the amount of control they’re willing give you. When it comes to “managing,” Project Hosts offers a range of “managed services”.  From helping or assisting you in your subscription, to co-supporting an environment based on the software layer, to fully managed hosting services.  In this way, you can apply the talent and resources you have where they’re most likely most needed and valued — typically at the application layer where you’ve done custom development or configuration for your software solution. You should consider offloading things like infrastructure, server, platform and networking management to a cloud solutions provider as they can manage and monitor the environment more cost effectively than using your own staff.

In addition, some CSPs, like Project Hosts, offer advanced  management services such as security controls implementation and management to ensure compliancy with regulatory standards.  Project Hosts provides ready-to-run containers that support the necessary security controls including ISO 27001, HIPAA/HITRUST, NIST 800-53, and FedRAMP Moderate, High and DoD CC SRG IL4/5 level with full compliancy. 

So in summary, we provide the managed services to deploy, host, monitor, and maintain your subscription, ensuring ongoing trouble-free operation in a highly secured cloud. Whether you need us to provide managed services for your Azure cloud subscription, or you need us to deploy, host and manage the solution over it’s lifespan using our subscription, rest assured we will secure your cloud.

Click here for more information about FedRAMP SaaS Compliant Solutions.

Secure Azure Services

Secure SharePoint on Azure

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services


FedRAMP Websites made Secure through Required FedRAMP Control Families

June 22, 2017

FedRAMP-Websites2Pursuant to a memorandum released in November, 2016 by the US Office of Management and Budget, M-17-06 Policies for Federal Agency Public Websites and Digital Services, Project Hosts’ FedRAMP compliant websites can meet website objectives and recommendations. U.S. federal and state government agencies and enterprise organizations that need a highly secure website and content management system can now use Drupal, Joomla and WordPress for FedRAMP compliant websites with database.

Vulnerability scans, expensive audits and access control are at the forefront of the RA, AU and AC Control Families, which along with 253 additional controls, give Federal and State agencies and their citizens peace of mind when accessing and sharing information over their FedRAMP websites. Project Hosts, Inc. has put together a series of videos going over the various control families necessary to achieve FedRAMP compliance. While some of the control families are industry standard for IT security management, it is the substantial number of controls required in FedRAMP that adds the impenetrable layers of security through FedRAMP Compliance.

FedRAMP_Video_SeriesThe RA- Risk Assessment FedRAMP Security Control Family is primarily about vulnerability scanning on your system.

The AU – Audit and Accountability FedRAMP Security Control Family covers the logging that you must do in you systems to be able to alert you when something is going wrong, or to diagnose incidents. Such audits can cost upwards of $200k annually.

The AC- Access FedRAMP Security Control Family is the largest family with 43 controls. This family of controls covers how you provide control over who accesses your environment and how you authorize that access.

Click here for more information about FedRAMP SaaS Compliant Solutions.

Secure Azure Services

Secure SharePoint on Azure

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services


Understanding the FedRAMP Control Families ( Video Series with Project Hosts)

May 9, 2017

Project Hosts has recently released a series of 17 videos that outline the security controls required for FedRAMP compliance of an environment built on Microsoft Azure.  IaaS/PaaS services like Microsoft Azure take care of 25-30% of all required FedRAMP security controls, but the remaining 70-75% still need to be put in place.  In the series, Project Host CEO Scott Chapman addresses each control family, describing in detail what needs to be implemented above Azure for ISVs who sell to the Federal Government or for Agencies who would like to move applications to the cloud.

FedRAMP_Video_Series

In the series, Project Host CEO Scott Chapman addresses each control family, describing in detail, what needs to be implemented above Azure for ISVs who sell to the Federal Government or for Agencies who would like to move applications to the cloud.

Our Federal Private Cloud for Windows and Linux Applications (FPC) provides cloud-based access to Microsoft applications including SharePoint, Project Server, Dynamics CRM, Power BI, Visual Studio, TFS, Remote Desktop, and Office; applications from other commercial software vendors such as AvePoint, BrightWork, Gimmal, Innovative-e, Nintex, UMT360, and Urban Turtle; and open source applications such as Drupal, WordPress and Joomla for agency website content management.   A hybrid cloud architecture allows agencies to leverage shared services for some functions (e.g. authentication, monitoring, scanning) while still having the option to choose dedicated servers for applications and databases. This series of videos offers some insight into the controls that make all of this possible.

Click here for more information about FedRAMP SaaS Compliant Solutions.

Secure Azure Services

Secure SharePoint on Azure

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services


27K Summit Offers Risk Management Professionals a Glimpse at the Latest in ISO 27001 Certification Tools

September 20, 2016
Business women at desk throwing paper up in air

The ISO Certification Process can be a nightmare

On September 26th through the 28th, San Francisco will be hosting the 27K Security Summit. 27k represents the ISO 27001 certification. With the ever growing multitude of security threats, organizations are having to demonstrate proper management of cyber security through compliance.

The International Standards Organization or ISO, explains ISO 27001 as a family of standards that helps organizations keep information assets secure. Using the family of standards will help your organization manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties. To better help organization obtain and maintain this family of standards or compliance, Project Hosts has developed the ISMScloud.

The ISMScloud service is a secure, online application that can help you manage and document the process of securing your company’s information system, protecting your business and employees’ privacy and achieving your ISO 27001 certification.

ISMS_ArtThe ISMScloud provides a best-practices approach to managing the ISO process using standard ISO controls. It follows the Plan-Do-Check-Act (PDCA) cycle methodology through a centralized and intelligent, yet easy to use Information Security Management System (ISMS).

For more information, join us at the 27k Summit or visit our site at: www.ismscloud.com

 

 


A FedRAMP Compliant Cloud offers Military Grade Data Security for the Public Sector

July 13, 2016

FedRAMP_Security_NotFedRAMP recently announced the High Security Baseline, allowing Cloud Service Providers (CSPs) to provide high-level security environments for federal agencies looking to leverage the cloud. The private sector is now seeking FedRAMP level compliance to protect and secure critical business data and assets.

Enterprise security professionals are now requiring a commercial FedRAMP compliant cloud solution that can not only protect their critical data assets but also protect:

  • Information about mid-range to long-range strategic plans
  • Information that includes IP (Intellectual Property) and researching findings
  • Information that could lead to lost sales
  • Information that could lead to financial or regulatory penalties
  • Information that could result in severe damage to the company’s value or reputation
Fedramp-managed-services

Project Hosts Federal Private Clouds

The the rise of public cloud security breaches, protecting ones critical data assets with a FedRAMP compliant cloud solution in Azure is a simple assurance of true security. Private enterprises are now defining their “information security levels” and specifying the level of security required for each of their cloud-based applications an associated data. In the same fashion that FedRAMP classifies information security levels for confidentiality, integrity and availability into “low impact,” “moderate impact,” and “high-impact,” categories, private enterprises are doing the same.

SharePoint Custom Cloud

Share Point FedRAMP Cloud

CRM Custom Cloud

CRM FedRAMP Cloud

PPM Custom Cloud

PPM FedRAMP Cloud

Remote SharePoint Administrator

Azure Managed Services

 

 


DocPoint Brings Project Hosts’ FedRAMP Cloud Solutions & Services onto GSA Schedule 70

April 28, 2016

Today, our partner DocPoint Solutions, Inc., a leader in the implementation, customization, training and support of SharePoint solutions and its integrated suite of products, announced that they have brought our  Federal Private Cloud (FPC) cloud solutions to onto their General Services Administration (GSA) Schedule 70. Through this partnership, DocPoint will be able to promote and sell FedRAMP SaaS-level compliant cloud solutions as part of a complete enterprise content management (ECM) system.

DocPoint-Graphic

Scott Swidersky, president of DocPoint Solutions, said, “Like companies in the commercial sector, government agencies are turning to cloud-based solutions to promote information sharing across the enterprise in a more cost-effective, scalable manner. However, federal organizations must comply with strict standards to safeguard data and prevent security breaches. With Project Hosts on our GSA Schedule 70, we can offer these clients a complete, secure and compliant ECM solution in the Microsoft Azure Government cloud.”

Project Hosts’ FPC for Windows and Linux Applications provides cloud-based access to Microsoft applications including SharePoint, Project Server, Dynamics CRM, Power BI, Visual Studio, TFS, Remote Desktop, and Office; applications from other commercial software vendors such as AvePoint, Gimmal, Innovative-e, Nintex, eSignLive, UMT360 and more; and open source website content management applications such as Drupal, WordPress and Joomla.

With Project Hosts’ cloud solutions and services on DocPoint’s GSA Schedule 70, federal agencies and government organizations have the benefit of turning to a single entity for a secure, compliant and cost-effective ECM solution that improves productivity, efficiency and enterprise-wide collaboration.

 

 


%d bloggers like this: