Within the HIPAA Security Rule are Administrative, Physical, and Technical Safeguards. These safeguards are as important to understand as they are to implement, so let’s dive into one:

164.312(e)(1) - Transmission Security . Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.

Today's risk management reality

Serving the healthcare industry can be a double-edged sword. On the one hand, healthcare vendors have the privilege to participate in something that actually makes the world a better place - helping people lead healthier lives, and helping them get better when they're sick. On the other hand, the healthcare industry rightfully comes with a significant responsibility toward privacy, security, and governance. Vendors are saddled with filling in yet another 250-line Excel security questionnaire every time they want to be considered for a new project, and often have to execute multiple assessments for various regulatory frameworks as HIPAA, SOC 2, the NIST Cybersecurity Framework, and MARS-E, to name just a few.

New Features

• Migration to Trend Micro Deep Security 11.2
• We are in the process of migrating current Trend Micro users to the latest version of Trend Micro Deep Security.  The latest version of Trend Micro Deep Security offers an exciting set of features including: support for containers, improved api interaction, improvements in event notifications, inactive agent cleanup, and automatic malware agent updates.  Along with these improvements, we will be offering deeper integration between server agent events and our support ticket system, giving you immediate feedback and potential resolution for critical events.  We will also be adding new dashboards to provide a quick summary of your EC2 security posture. 
• EC2 Inventory
  • We have created a process for gathering high-level information on your fleet of EC2 instances.  This process runs from the Cloudticity management account every 12 hours and collects the latest information on your EC2 instance configuration including: tagging, SSM agent status, installed services, OS platform type, and OS version.  We are currently using this information in our internal processes used to track SSM installations and proper tagging.   Future plans include adding alerts for new instances (if requested), compliance-based configuration issues, and outdated OS platforms.  

Coming Soon

• Unified Server Access Logging
• A common request we receive from our customers is to provide a logging solution that captures server access and security events and aggregates them in a single storage location for querying and visualization.  We are working on this solution now with an official release in Q1 of 2019.  We will be leveraging native AWS services such as Kinesis, S3, Athena, and QuickSight to provide an end-to-end system for monitoring, alerting and visualizing server access logs.  If you are interested in being a beta tester, or have any question regarding this feature, please reach out to our support desk.

Within the HIPAA Security Rule are Administrative, Physical, and Technical Safeguards. These safeguards are as important to understand as they are to implement, so let’s dive into one:

Within the HIPAA Security Rule are Administrative, Physical, and Technical Safeguards. These safeguards are as important to understand as they are to implement, so let’s dive into one:

New Features

• OS-Level Compliance Checks
• We have developed an automated process for running server-level compliance checks using Chef Inspec. Our current suite of checks are based on the DevSec Hardening Framework and include specific checks from the windows-baseline and linux-baseline repositories.  Once installed, the compliance checks will run every day with results posted to the Oxygen dashboards.  The compliance checks are configured to run by using server tagging to identify each server to be included in the daily process.  OS-Level Compliance checks are not installed in your account by default, but you can request installation by reaching out to Cloudticity support. 
• EC2 Inventory
  • We have created a process for gathering high-level information on your fleet of EC2 instances.  This process runs from the Cloudticity management account every 12 hours and collects the latest information on your EC2 instance configuration including: tagging, ssm agent status, installed services, os platform type, os version, etc.  We are currently using this information in our internal processes used to track ssm installations and proper tagging.   Future plans include adding alerts for new instances (if requested), compliance-based configuration issues, and outdated OS platforms.  

Coming Soon

• Migration to Trend Micro Deep Security 11.2
• The latest version of Trend Micro Deep Security offers an exciting set of features including: support for containers, improved api interaction, improvements in event notifications, inactive agent cleanup, and automatic malware agent updates.  Along with these improvements, we will be offering deeper integration between server agent events and our support ticket system, giving you immediate feedback and potential resolution for critical events.  We will also be adding new dashboards to provide a quick summary of your EC2 security posture. 
• Improved AWS Limit Detection
• We are improving our AWS limit detection service to include direct customer feedback for increasing service limits. In addition to the current process of approving Cloudticity support to increase limits on your behalf, you will now be able to increase limits with a click of your mouse.

New Features

• AWS Personal Health Dashboard Integration
• We are now capturing AWS Personal Health Dashboard events for notifications and visualization.  The Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you.  The Personal Health Dashboard is enabled by default in your account and displays its results in the AWS console.  Oxygen integration will be capturing new dashboard results and providing workflow starting with support ticket creation.  Future enhancement will include custom workflow such as automated instance stop/start to address degraded hardware alerts.
• AWS GuardDuty Integration
• We are now capturing GuardDuty findings events. Amazon GuardDuty is a threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads.  As issues are detected, GuardDuty will create findings.  These findings are then captured by Oxygen and workflow is executed.  Initial workflow includes support ticket creation with future enhancements to include automated blocking of suspicious IP addresses.  For more information on Amazon GuardDuty you can view the documentation found here.
• Improvements to Server Monitoring
  • We are releasing a new version of server monitoring providing better filesystem alarm aggregation.  The current configuration creates alarms based on each volume mount point.  While this provides added granularity, it also can create too much "noise" with multiple alarm points for each volume.  This release will now aggregate alarms based on each ebs volume (for Linux) and each drive (for Windows).  We are also revising the Oxygen Dashboards to support the new filesystem aggregations. 

Coming Soon

• OS-Level Compliance Checks
• We have developed an automated process for running server-level compliance checks using Chef Inspec. We will be releasing this feature to all of our customers in the coming weeks. The compliance checks can be configured to run on a subset of servers using tagging. The results of the compliance check will be made available in the Oxygen dashboards.
• Improved AWS Limit Detection
• We are improving our AWS limit detection service to include direct customer feedback for increasing service limits. In addition to the current process of approving Cloudticity support to increase limits on your behalf, you will now be able to increase limits with a click of your mouse.

Within the HIPAA Security Rule are Administrative, Physical, and Technical Safeguards. These safeguards are as important to understand as they are to implement, so let’s dive into one:

Reserved Instances (RIs) provide substantial savings compared to On-Demand pricing, and provide immediate savings opportunities for most companies. This blog post explores the fundamentals of RIs, and provides advice on how to get the most out of reservations. Managing RIs is complex considering the many types, levels of pricing, and rules around usage. Therefore, understanding the RI mix is essential to optimizing AWS usage costs. We asked Parquantix to help outline some important considerations when purchasing RIs. Parquantix manages more than $40 million in AWS reservations worldwide.

I had the privilege of being asked to speak at the HITRUST Annual Conference this week. In addition to being amazed at the quality of leadership this conference attracts, I noticed a few recurring themes: