Monitoring
Infrastructure security
CONTROL
STATUS
Service infrastructure maintained
The company has infrastructure supporting the service patched as a part of routine maintenance and as a result of identified vulnerabilities to help ensure that servers supporting the service are hardened against security threats.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Intrusion detection system utilized
The company uses an intrusion detection system to provide continuous monitoring of the company’s network and early detection of potential security breaches.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Database replication utilized
The company’s databases are replicated to a secondary data center in real-time. Alerts are configured to notify administrators if replication fails.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Production database access restricted
The company restricts privileged access to databases to authorized users with a business need.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Remote access MFA enforced
The company’s production systems can only be remotely accessed by authorized employees possessing a valid multi-factor authentication (MFA) method.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Production network access restricted
The company restricts privileged access to the production network to authorized users with a business need.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Unique production database authentication enforced
The company requires authentication to production datastores to use authorized secure authentication mechanisms, such as unique SSH key.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Remote access encrypted enforced
The company’s production systems can only be remotely accessed by authorized employees via an approved encrypted connection.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Encryption key access restricted
The company restricts privileged access to encryption keys to authorized users with a business need.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Production data segmented
The company prohibits confidential or sensitive customer data, by policy, from being used or stored in non-production systems/environments.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Production application access restricted
The company restricts privileged access to the application to authorized users with a business need.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Unique network system authentication enforced
The company requires authentication to the “production network” to use unique usernames and passwords or authorized Secure Socket Shell (SSH) keys.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)
Firewall access restricted
The company restricts privileged access to the firewall to authorized users with a business need.
![Tick](https://mantra.care/wp-content/uploads/2024/04/Tick-Icon.png)