SlideShare a Scribd company logo

Mrx security

Download as PPSX, PDF
D
davidjd

The document summarizes the security measures taken to protect data at the MRX servers located at Telehouse Data Centre in London. It describes physical security protections including access controls, CCTV monitoring, and perimeter intrusion detection. It also outlines secure connectivity using HTTPS and SSH with 256-bit encryption, as well as sensitive data storage on an encrypted SAN. The identity verification process and key management procedures for new organizations are provided in detail.

Technology
1 of 22
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
We take Security and Data Protection Seriously
Physical Security The MRX servers are housed in Telehouse Data Centre, Docklands, London.
Physical Security Telehouse provides: •Independent client card identification access system. •Secure & monitored single-person point of entry, physically guarded 24/7 and integrated digital video camera surveillance. •Proximity card access will be provided from the main Data Centre building and will be issued to specific facilities management suites. •Strict security processes in place to ensure delivery and loading of goods are secure.
Physical Security •CCTV coverage for the perimeter, common areas and facilities management suites. •Perimeter fence is fitted with intruder sensing. •Secure access procedures to ensure nominated staff can gain authorised access to the facility day or night.
Server Connectivity https – Secure Web for user access to the system. SSH – Secure Shell using a non standard port for system administration access to the system. Both these connection types use public-key cryptography to protect data travelling between client and server using 256-bit encryption.
Mrx security
Mrx security
Server Connectivity Public Key Certificate •Every client that connects to the server must have a Private Key Installed that matches a Public Key held on the server. •Each Client has their own key pair. •Without a valid key pair it is impossible to connect to the server remotely.
Mrx security
Mrx security
Sensitive Data Storage •Stored in a secure area of a SAN located in the same rack as the server in Telehouse London. •Deleted once it has been downloaded. •Encrypted using the OpenPGP standard.
Sensitive Data Storage OpenPGP (Pretty Good Privacy) •Uses Public Private Key Encryption. •Public Key held on the server used to Encrypt data. •Private key held by the client is the only way to Decrypt the data. •Minimum 2048-bit Encryption.
Identity Control Organisations new to MR X request access to the system by completing an online form on the public web site.
Identity Control We verity the authenticity, address, telephone number of the applicant organisation and capture details of the senior staff using yell and industry specific lists.
Identity Control We call the applicant organisation using the publicly available phone number, confirm the authority of the person applying. We verbally agree pass phrases for keys, and initial password for the system with the applicant.
Key and Certificate Control The agreed passwords and phrases are passed to the system administration team on paper (no electronic copy is taken and any form of copying of the original paper copy is not allowed).
Key and Certificate Control •The system administrators, using a stand alone computer create and signs the key pair for connecting to the server using the agreed passphrase. •The User is created on the system. •The public key is loaded onto the MR-X servers. •Paper containing pass phrases and passwords are destroyed. •All keys are valid for 1 year. •Keys can be revoked if they are compromised.
Key and Certificate Control The following are emailed to the applicant: •Private key and Certificate. •Root Certificate. •User name. •Instructions as to what to do next. •User Manual.
Key and Certificate Control •The client follows the instructions sent to them to install certificates (they require the passphrase previously agreed with us) on to any computers they require to access the MR-X system. •The client can then log onto the system, change their password, create additional users. •The instructions make the client aware that they are responsible for their own security and they must advise us if security is breached.
PGP Implementation •PGP is only required to be installed by those organisations receiving Medical Records. •For those that require PGP as a desktop application we provide a link to the Gpg4win program. •For those that receive a large number of Medical records we can provide a hardware solution.
PGP Implementation Instructions are given to the client: •How to create a PGP key pair. •How to use Gpg4win with the MR-X system. •To send us the Public key.
PGP Implementation •We will call the client to confirm they sent us the key and to authenticate it through the key fingerprint. •We will sign and install the public key on the MR-X servers. •We will register the key against the clients account on the MR-X system and activate the “receive medical records” feature.

More Related Content

PPTX
Authentication
primeteacher32
 
PDF
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Ray Potter
 
PPTX
Application layer Security in IoT: A Survey
Adeel Ahmed
 
PPTX
Secure remote device access
Nirmal Thaliyil
 
PPTX
IP Protocol Security
David Barker
 
PPTX
eWON_SecurityV5 - Public
Yvan Rudzinski
 
PDF
Tatanet Corporate Presentation
Rohit Kumar
 
PPTX
Ace
Will Storey
 
Authentication
primeteacher32
 
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Ray Potter
 
Application layer Security in IoT: A Survey
Adeel Ahmed
 
Secure remote device access
Nirmal Thaliyil
 
IP Protocol Security
David Barker
 
eWON_SecurityV5 - Public
Yvan Rudzinski
 
Tatanet Corporate Presentation
Rohit Kumar
 
Ace
Will Storey
 

What's hot (20)

PPTX
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Sachintha Gunasena
 
PPTX
Advance Consulting Experts
Will Storey
 
PPSX
Wireless Network Security
Gyana Ranjana
 
PPT
Lesson 3- Remote Access
MLG College of Learning, Inc
 
PDF
Fortinet FortiGate 100D
Hoai Duyen
 
PDF
Panda Security - Gatedefender
Panda Security
 
PPTX
Access Control Firewall
karanwayne
 
PPTX
OwnYIT CSAT + SIEM
NCS Computech Ltd.
 
PPT
LAN Security
Syed Ubaid Ali Jafri
 
PPTX
Improvement WiFi Security Network Access
Ahmad Firdaus
 
PPTX
Wireless Network security
Fathima Rahaman
 
PPTX
Security standard
lyndyv
 
PDF
Wireless Security Audits
Cyber 51 LLC
 
PPT
SGSB Webcast 2 : Smart grid and data security
Andy Bochman
 
PPT
Fortigate Training
NCS Computech Ltd.
 
PDF
Access RouterOS using Multi-Factor Authentication
Didiet Kusumadihardja
 
PPTX
Secured Communication Infrastructure for Substation Automation
Nirmal Thaliyil
 
PDF
Virtual private network
VINAY GATLA
 
PPT
The WiKID Strong Authentication Systems Overview
Nick Owen
 
PPTX
Provable Device Cybersecurity in Blockchain Transactions
Rivetz
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Sachintha Gunasena
 
Advance Consulting Experts
Will Storey
 
Wireless Network Security
Gyana Ranjana
 
Lesson 3- Remote Access
MLG College of Learning, Inc
 
Fortinet FortiGate 100D
Hoai Duyen
 
Panda Security - Gatedefender
Panda Security
 
Access Control Firewall
karanwayne
 
OwnYIT CSAT + SIEM
NCS Computech Ltd.
 
LAN Security
Syed Ubaid Ali Jafri
 
Improvement WiFi Security Network Access
Ahmad Firdaus
 
Wireless Network security
Fathima Rahaman
 
Security standard
lyndyv
 
Wireless Security Audits
Cyber 51 LLC
 
SGSB Webcast 2 : Smart grid and data security
Andy Bochman
 
Fortigate Training
NCS Computech Ltd.
 
Access RouterOS using Multi-Factor Authentication
Didiet Kusumadihardja
 
Secured Communication Infrastructure for Substation Automation
Nirmal Thaliyil
 
Virtual private network
VINAY GATLA
 
The WiKID Strong Authentication Systems Overview
Nick Owen
 
Provable Device Cybersecurity in Blockchain Transactions
Rivetz
 
Ad

Similar to Mrx security (20)

PDF
Datasheet: Security
VoIPstudio
 
PDF
Implementing the 5 Pillars of IT Security for MQTT
HiveMQ
 
PPTX
Cloud Security_Module_1_Module_2_3_4.pptx
shahils1301
 
PPTX
Public Digital Identity as a Service
PT Datacomm Diangraha
 
PPT
Security Issues of Cloud Computing
Falgun Rathod
 
PPTX
Network security
Nandini Raj
 
PPT
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
DEEPAK948083
 
PPSX
Secure electronic transaction
Nishant Pahad
 
PPTX
How to do right cryptography in android part 3 / Gated Authentication reviewed
Arash Ramez
 
PPTX
How to write secure code
Flaskdata.io
 
PPTX
Security framework
A-Seem C-Resta
 
PPTX
L4 internet security
listergc
 
PDF
Ch11 Vpn
phanleson
 
DOCX
Authentic Assessment Project (AAP) Jan 2017Background Informat.docx
rock73
 
PPT
Implementing an improved security for collin’s database and telecommuters
Rishabh Gupta
 
PPTX
Single Sign-On & Strong Authentication
Arun S M
 
PPT
Material best practices in network security using ethical hacking
Desmond Devendran
 
PPTX
Access-control-system
Techera Consultants
 
PDF
Basics of Data Security and Cryptographic techniques
Jay Sahoo
 
PPT
VPN Computer NEtwork cyber security.ppt
xlsofttech92
 
Datasheet: Security
VoIPstudio
 
Implementing the 5 Pillars of IT Security for MQTT
HiveMQ
 
Cloud Security_Module_1_Module_2_3_4.pptx
shahils1301
 
Public Digital Identity as a Service
PT Datacomm Diangraha
 
Security Issues of Cloud Computing
Falgun Rathod
 
Network security
Nandini Raj
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
DEEPAK948083
 
Secure electronic transaction
Nishant Pahad
 
How to do right cryptography in android part 3 / Gated Authentication reviewed
Arash Ramez
 
How to write secure code
Flaskdata.io
 
Security framework
A-Seem C-Resta
 
L4 internet security
listergc
 
Ch11 Vpn
phanleson
 
Authentic Assessment Project (AAP) Jan 2017Background Informat.docx
rock73
 
Implementing an improved security for collin’s database and telecommuters
Rishabh Gupta
 
Single Sign-On & Strong Authentication
Arun S M
 
Material best practices in network security using ethical hacking
Desmond Devendran
 
Access-control-system
Techera Consultants
 
Basics of Data Security and Cryptographic techniques
Jay Sahoo
 
VPN Computer NEtwork cyber security.ppt
xlsofttech92
 
Ad

Recently uploaded (20)

PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
PDF
project resource management chapter-09.pdf
ssuser00e6e21
 
PDF
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PPTX
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PPTX
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
PPTX
A Presentation on Touch Screen Technology
memembruh336
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
PDF
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
project resource management chapter-09.pdf
ssuser00e6e21
 
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
Encapsulation theory and applications.pdf
gurumoop
 
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
A Presentation on Touch Screen Technology
memembruh336
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 

Mrx security

  • 1. We take Security and Data Protection Seriously
  • 2. Physical Security The MRX servers are housed in Telehouse Data Centre, Docklands, London.
  • 3. Physical Security Telehouse provides: •Independent client card identification access system. •Secure & monitored single-person point of entry, physically guarded 24/7 and integrated digital video camera surveillance. •Proximity card access will be provided from the main Data Centre building and will be issued to specific facilities management suites. •Strict security processes in place to ensure delivery and loading of goods are secure.
  • 4. Physical Security •CCTV coverage for the perimeter, common areas and facilities management suites. •Perimeter fence is fitted with intruder sensing. •Secure access procedures to ensure nominated staff can gain authorised access to the facility day or night.
  • 5. Server Connectivity https – Secure Web for user access to the system. SSH – Secure Shell using a non standard port for system administration access to the system. Both these connection types use public-key cryptography to protect data travelling between client and server using 256-bit encryption.
  • 8. Server Connectivity Public Key Certificate •Every client that connects to the server must have a Private Key Installed that matches a Public Key held on the server. •Each Client has their own key pair. •Without a valid key pair it is impossible to connect to the server remotely.
  • 11. Sensitive Data Storage •Stored in a secure area of a SAN located in the same rack as the server in Telehouse London. •Deleted once it has been downloaded. •Encrypted using the OpenPGP standard.
  • 12. Sensitive Data Storage OpenPGP (Pretty Good Privacy) •Uses Public Private Key Encryption. •Public Key held on the server used to Encrypt data. •Private key held by the client is the only way to Decrypt the data. •Minimum 2048-bit Encryption.
  • 13. Identity Control Organisations new to MR X request access to the system by completing an online form on the public web site.
  • 14. Identity Control We verity the authenticity, address, telephone number of the applicant organisation and capture details of the senior staff using yell and industry specific lists.
  • 15. Identity Control We call the applicant organisation using the publicly available phone number, confirm the authority of the person applying. We verbally agree pass phrases for keys, and initial password for the system with the applicant.
  • 16. Key and Certificate Control The agreed passwords and phrases are passed to the system administration team on paper (no electronic copy is taken and any form of copying of the original paper copy is not allowed).
  • 17. Key and Certificate Control •The system administrators, using a stand alone computer create and signs the key pair for connecting to the server using the agreed passphrase. •The User is created on the system. •The public key is loaded onto the MR-X servers. •Paper containing pass phrases and passwords are destroyed. •All keys are valid for 1 year. •Keys can be revoked if they are compromised.
  • 18. Key and Certificate Control The following are emailed to the applicant: •Private key and Certificate. •Root Certificate. •User name. •Instructions as to what to do next. •User Manual.
  • 19. Key and Certificate Control •The client follows the instructions sent to them to install certificates (they require the passphrase previously agreed with us) on to any computers they require to access the MR-X system. •The client can then log onto the system, change their password, create additional users. •The instructions make the client aware that they are responsible for their own security and they must advise us if security is breached.
  • 20. PGP Implementation •PGP is only required to be installed by those organisations receiving Medical Records. •For those that require PGP as a desktop application we provide a link to the Gpg4win program. •For those that receive a large number of Medical records we can provide a hardware solution.
  • 21. PGP Implementation Instructions are given to the client: •How to create a PGP key pair. •How to use Gpg4win with the MR-X system. •To send us the Public key.
  • 22. PGP Implementation •We will call the client to confirm they sent us the key and to authenticate it through the key fingerprint. •We will sign and install the public key on the MR-X servers. •We will register the key against the clients account on the MR-X system and activate the “receive medical records” feature.