Corti actively applies security threat management practices to eliminate vulnerabilities, protect against known threats and detect and respond to security-related incidents.
Risk Management
Corti is keenly aware of the threats to our customers' highly sensitive PHI and other personal information, which represents an attractive target for a range of threat actors. We aim to ensure that we identify all credible threats and that adequate security controls are in place to mitigate them. To ensure this threat identification process is comprehensive, we apply complementary risk management techniques to achieve the required coverage.
A system-driven risk management process analyzes the Corti system as a whole. Independent security auditing, including vulnerability scanning and penetration testing, is applied to the Corti service and the underlying Azure infrastructure.
A component-driven risk management process, incorporated into our development processes, analyzes individual technical components as we develop them, using vulnerability scanning and testing.
Threat Detection and Controls
Corti employs Azure's network and infrastructure protection solutions to provide a multi-layered shield around customers' data. Configuration of security controls follows industry best practices and Azure's recommendations. These controls are then subject to annual third-party security auditing to provide assurance.
Azure Firewall is a cloud-native intelligent service that protects services deployed to the Azure environment. It provides comprehensive east-west and north-south traffic inspection with rule-based filtering, including real-time threat intelligence-based filtering.
Microsoft Defender for Cloud provides workload protection and security posture management to identify and track threats, guide the hardening of services based on identified weaknesses and vulnerabilities, and provide a threat detection and response solution. We aim to provide customers with a proactive threat management solution to protect their data within the Azure environment.
Microsoft Sentinel provides customers with off-the-shelf Security Information and Event Management (SIEM) integrated with a Security Orchestration, Automation, and Response (SOAR) solution. In addition, customers are provided with intelligent security analytics and threat intelligence to enable security incident management for their Corti service.
Azure DDoS Protection provides adaptive real-time traffic monitoring and threat response to maintain service availability during DDoS incidents.
Azure Confidential Ledger offers customers tamper-proof data storage using blockchain technology where data integrity is critical.
Incident Response and Recovery
Incident management processes handle security events with the potential to adversely impact the confidentiality, integrity, or availability of customer data. Investigations establish the severity of incidents based on their impact on the Corti service and customer data. Processes then identify response actions that are applied to halt any attack, recover systems and data, and investigate additional security controls necessary to prevent recurrence.
Incident response includes timely and transparent communication with affected stakeholders, including the affected customer and the service hosting environment, as applicable. Corti recognizes that business success depends on establishing a trust-based relationship with customers, built on openness and transparency.
Business Continuity
Corti maintains a Business Continuity & Disaster Recovery Plan (BCDR) with goals that include maintaining customer services while fulfilling legal and regulatory obligations.
This planning covers internal and customer-managed environments using the redundancy and resilience capabilities of the Azure hosting infrastructure. In addition, we help customers achieve their Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) using the configurable service offerings available from Azure.