Submit a request
Subscribe to Product Updates

Articles in this section

Integrify Security Overview

  • Updated
Follow

Data Encryption 

Integrify Encryption in Transit

The connection uses TLS 1.2. The connection is encrypted and authenticated using AES_128_GCM and uses ECDHE_RSA as the key exchange mechanism.

Integrify Encryption at Rest (Optional)

Amazon RDS encrypted instances use the industry-standard AES-256 encryption algorithm to encrypt your data on the server that hosts your Amazon RDS instance. Once your data is encrypted, Amazon RDS handles authentication of access and decryption of your data transparently with a minimal impact on performance. You don't need to modify your database client applications to use encryption.

Amazon RDS encrypted instances provide an additional layer of data protection by securing your data from unauthorized access to the underlying storage. You can use Amazon RDS encryption to increase data protection of your applications deployed in the cloud and to fulfill compliance requirements for data-at-rest encryption.

Firewalls

Integrify uses load balancing firewalls to permit only customer approved IP blocks to access the application and only on necessary ports. Certificates (SSL) are also installed at this level to assure all communication between the firewall and the browser is secure.

Authentication

Integrify Database Authentication 

(Availability: Cloud, OnPremise)

User profiles stored in Integrify. Passwords are hashed using bcrypt.  User Name and Password managed in Integrify.  Password pattern and length requirements, as well as expiration settings, can be used to enforce corporate password policies.

 

Integration with SSO/ADFS/SAML2.0 

(Availability: Standard Cloud and OnPremise)  - a one-time setup fee would apply

This option delegates authentication to your IDP using the standard HTTP POST SAML2.0 flow. Integrify will initiate an AUTHN request to your IDP and redirect the user to your authentication endpoint. Your IDP will authenticate the user and then cause the user’s browser to post a SAML Assertion with the user’s profile information to the Integrify ACS URL. Integrify will validate the SAML Assertion with the signing certificate provided by the IDP. If Valid, Integrify will provision the user  or update the user’s integrify profile if it already exists. Endpoints and attributes mappings will be exchanged as part of the setup. 

 

Windows Integrated Authentication (pass-through) and AD Sync Information 

(Availability: OnPremise only)

Users are logged into Integrify automatically based on their network user name.

Regulatory Compliance

SOC 2/3

Service Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Integrify's cloud applications achieve key compliance controls and objectives. These reports allow auditors to understand the controls established to support operations and compliance.

Reports available upon request.

 

 soc-logo.jpg

HIPAA

Integrify can provide a Business Associate Agreement (BAA) certifying that our Cloud instances are compliant with HIPAA requirements. Customers can leverage the secure Integrify environment to process, maintain, and store protected health information.

BAA Agreement available upon request.

 

 HIPAA_compliance.jpg

FDA/21 CFR Part 11

This regulation ensures that companies and organizations implement good business practices by defining the criteria under which electronic records and signatures are considered to be accurate, authentic, trustworthy, reliable, confidential. Our software provides customers the necessary tools and technology to meet FDA/21 CFR Part 11 guidelines.

Read More on Integrify's 21 CFR Part 11 Compliance

   fda.png
     

GDPR (General Data Protection Regulation) Compliance

Integrify is hard at work ensuring that our software and internal practices are GDPR compliant for our customers in the EU as both a data controller (our internal corporate systems) and data processor (the Integrify application) and we fully expect to be compliant by the May 25, 2018 deadline.

To meet the GDPR requirements for Data Processors we ensure the safety and security of the data our customers control on our platform.

Data Security

Integrify's Cloud application is hosted securely on AWS. AWS complies with the General Data Protection Regulation (GDPR) and adheres to the data protection standards required of data processors by the GDPR.

Monitoring and Breaches

  • Integrify performs continuous monitoring and reporting on vulnerabilities and potential configuration flaws in cloud workloads including an incident audit trail for auditors and regulators.
  • Integrify performs log security monitoring, daily review, and archive to detect attacks and provide evidence for regulators.
  • Integrify provides network monitoring and analysis for suspicious activity and data breaches by security experts 24x7x365.
  • Integrify provides notification and guidance for data breaches within 24 hours to the supervisory authority and affected customers.

Architecture

Integrify_flowchart-architecture_new_updated.png

Database Access

(It is not required, but available both OnPremise and in a Private Cloud.)

Access can be provided to the Integrify DB and tables to client Administrators.

Disaster Recovery

Backup Processes

In the Integrify Cloud (Standard or Private) snapshots are taken every 15 minutes,  with a snapshot being copied to a disaster recovery data center once a day. For OnPremise deployments, clients can follow their normal DB backup procedures.

Off-site Data Storage

Integrify utilizes AWS for Cloud deployments. For more detail see here: https://aws.amazon.com/backup-recovery/

Replication Process

Integrify utilizes AWS for Cloud deployments. For more detail see here: https://aws.amazon.com/backup-recovery/

Data Retention

No data is deleted from the Integrify database, through the Integrify system. Only soft deletes are able to be made. In the Integrify Cloud (Standard or Private) full backups are done daily, incremental backups are done every 15 minutes – with a daily backup distributed to a separate data center for disaster recovery. For OnPremise deployments, clients can follow their normal DB backup procedures. Integrify utilizes AWS for Cloud deployments. For more detail see here: https://aws.amazon.com/backup-recovery/

Application Updates

Update Management

If deployed OnPremise, customers utilize the Integrify OnPremise Manager for updates to the platform. If deployed in the Cloud (Private Cloud) Integrify manages Private Cloud instance as a managed service as part of the annual subscription. Private Cloud instances are single tenant with a SQL Server DB instance for each client. (Note: all Integrify clients whether single tenant or multi-tenant, have their own DB instance).

Monitoring

Integrify monitors the performance of the Integrify cloud and proactively alerts Support Group members if needed. Integrify utilizes AWS to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes.

Platform Upgrades

For OnPremise deployments, Integrify makes updates to the platform available to the client to download and install. Clients can utilize the Integrify OnPremise Manager to update their installation. Minor software updates are made available monthly and are inclusive. A client may skip several months and then install the next available update and it will include all prior skipped minor releases. In the Integrify Private Cloud, this is provided as part of your annual subscription as a managed service.

Integrify API

Integrify has several task types referred to as Plugins that enable to call out and call in data from a variety of interfaces. Our REST and SOAP Plugins enable calls to be made during process execution. This information can be utilized within the process/request itself and also be saved within Integrify and other custom data structures to be utilized later during other processes or actions.

Integrify also has an API Kit that enables the triggering of actions programmatically through RESTful services. Nearly any action that can be triggered through our end-user interface can also be triggered through RESTful services – such as initiating a process, executing a task, running a report, and much more. Integrify API documentation can be found here: https://developer.integrify.com

 

Incident Management

Integrify's platform can be used as an incident management system, allowing users to report security breaches or safety issues which then follow the chain of action and approval.

Related articles

Comments

0 comments

Please sign in to leave a comment.