Our Security Protocols
Data Protection
- AES 256 EncryptionUsed for data at rest and in transit
- SOC2 HostingEnsures compliance with industry standards
Access Management
- Role-Based Access Control (RBAC)Access is granted based on job roles and the principle of least privilege
- Unique User IDs and Strong PasswordsRequired for all users
- Enforced Device PostureWe validate the security posture of all systems connecting to SmithRX resources
- Documented Access RequestsAccess requires management approval and documented requests
- Multi-Factor Authentication (MFA)Mandatory for remote access
Authentication & Authorization
- Single Sign-On (SSO)Streamlines user authentication
- Password PoliciesDefined to enforce strong security measures
Device Management
- Endpoint SecurityAgents are deployed on every system that Smith provisions; all endpoints are centrally managed by IT
- Full Disk EncryptionAll endpoints have full disk encryption and remote wipe capabilities enabled
Audit & Monitoring
- Audit LoggingTracks user activities for accountability
- Anomaly DetectionMonitors for unusual activities
User Training
- Security Awareness TrainingRequired for users before access is granted