Commercial Clouds at Project Hosts

Commercial Cloud Offers

Project Hosts offers a line of commercial cloud solutions to meet security and compliance requirements across a variety of industry sectors. We pair adherence to the highest security standards with the expertise of our security and operations teams to deliver the best possible services – no matter which of our three commercial solutions you choose.

 

• Level 1 provides a security framework based on ISO 27001 compliance. If your organization is planning to migrate your on-premise environment into the cloud, but you are not including any PHI or PII, program 1 may be an ideal solution.

• Level 2 provides a security framework based on the HITRUST security standard. This is a pre-audited HITRUST certified environment, developed to protect your privacy and sensitive data. HITRUST incorporates HIPAA requirements and the NIST framework in a more prescriptive manner. This more rigorous standard certifies third-party auditors who can then grant an official certification of compliance to an organization.

• Level 3 provides a security framework based on the FedRAMP security standard. Level 3 is a pre-audited FedRAMP Authorized environment, providing the highest commercial secuirty & compliance standard on the market today. FedRAMP is a required security standard for all Federal agencies deploying sensitive data in the cloud. Federal agencies are also required to request that all cloud vendors are FedRAMP compliant.

Security Control Families

Network Firewall

Enterprise Malware Protection

Network-based Intrusion Detection

Remote Access Gateway

Backup, Recovery, DR with Annual Tests

Incident Response with Annual Tests

Security Patching and Updating

Annual ISO 27001 Compliance Audit

Host-based Firewalls

Web application Proxy in DMZ

SIEM for Centralized Log Correlation

Monthly OS & DB Vulnerability Scanning

Web App Vulnerability Scanning

Annual Penetration Testing

Encryption of Data at Rest

Annual HITRUST Compliance Audit

Managed Executable Whitelists

Multifactor Authentication

Monthly CIS Compliance Updates

Annual FedRAMP Compliance Audits

Level 1

ISO-27001 Clouds

√

√

√

√

√

√

√

√

√

√

√

√

√

√

√

√

√

√

√

√

Level 2

HITRUST Clouds

√

√

√

√

√

√

√

N/A Unless Requested

√

√

√

√

√

√

√

√

√

√

√

√

Level 3

FedRAMP Clouds

√

√

√

√

√

√

√

N/A Unless Requested

√

√

√

√

√

√

√

N/A Unless Requested

√

√

√

√