2023-04-11 NOTICE: The following policy or plan is currently under internal review and may not be up-to-date or fully aligned with our organization's current practices or procedures. Please check back shortly, or contact us for more information.
In order to preserve the integrity of data that Fox and Geese stores, processes,
or transmits for Customers, Fox and Geese implements strong intrusion detection
tools and policies to proactively track and retroactively investigate
unauthorized access. Fox and Geese currently utilizes
OSSEC to track file system integrity, monitor log data,
and detect rootkit access.
Applicable Standards from the HITRUST Common Security Framework
- 09.ab - Monitoring System Use
- 06.e - Prevention of Misuse of Information
- 10.h - Control of Operational Software
Applicable Standards from the HIPAA Security Rule
- 164.312(b) - Audit Controls
Intrusion Detection Policy
- OSSEC is used to monitor and correlate log data from different systems on an
ongoing basis. Reports generated by OSSEC are reviewed by the Security
Officer on a monthly basis.
- OSSEC generates alerts to analyze and investigate suspicious activity or
- OSSEC monitors file system integrity and sends real time alerts when
suspicious changes are made to the file system.
- Automatic monitoring is done to identify patterns that might signify the lack
of availability of certain services and systems (DoS attacks).
- Fox and Geese firewalls monitor all incoming traffic to detect potential
denial-of-service attacks. Suspected attack sources are blocked
automatically. Additionally, our hosting provider actively monitors its
network to detect denial-of-service attacks.
- All new firewall rules and configuration changes are tested before being
pushed into production. All firewall and router rules are reviewed every
- Fox and Geese utilizes redundant firewall on network perimeters.