Articles by tag "digital-edge"

Digital Edge publishes this policies to make sure everybody get meaningful choices about how and why data is collected and used, and ensuring that you have the information you need to make the choices that are right for you across our products and services.

Digital Edge committed to ISO standards and publishes bridging polciy as well as some other global policies. 

ISO 27001-2013 High Level Information Security Policy

Digital Edge GDPR Policy

Contact Us

If you have any questions or complaints about our policies, write or call our Compliance Team:

Digital Edge Ventures Inc – Compliance Team
7 Teleport Drive Staten Island New York 10311
Call us: 1-718-370-3352
Email us: compliance@digitaledge.net

Digital Edge’s Security Team assists clients with cyber security forensics and often hears the question – “what is the proper way to report to law enforcements?” As a company, we aim to aid our clients in informing them on the right steps to take when dealing with a cyber-incident. There is a growing number of cyber networks that were seriously attacked and this is not a matter to be taken lightly. This is why Digital Edge feels it is important to know the right procedure. These incidents can result in serious consequences with the capability of causing lasting harm. By reporting these incidents, the government can assist them with agencies that can investigate the incident, lessen the consequences, and help avoid these cyber incidents in the future.

Please click here for more information.

If you feel that you need assistance from the Digital Edge Security team, please contact us at support@DIGITALEDGE.NET or open a ticket through Digital Edge web site at https://www.digitaledge.net.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) outlines relevant technical and non-technical security standards to ensure individuals’ ePHI, “electronic protected health information”. Compliance with HIPPA requires information systems to be monitored using SIEM, Security Information and Event Management. The SIEM is a tool that guarantees immediate notification and analysis of conditions influencing the reliability of an organization’s ePHI data through actionable reports and forensic investigation.

FISMA requires all federal agencies to document and implement controls for information technology systems that support their operations and assets.

LogIT simplifies FISMA compliance with its fully automated log collection, collecting and recovery across the agency’s entire infrastructure. Providing tools at the fingertip that align the organization’s risk assessment with forensic investigations, reporting, and prioritizing settings. LogIT already automatically achieves the first level of log analysis, by categorizing log data that is identified and stabilized for easy analysis and reporting.

The ISO 27001 standard is a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving management systems information security (ISMS) within the context of the overall commercial risks of the organization.

ISO language in relevance to log management: "Audit logs must be turned on for security events, user activities and exceptions. They must be kept for a predetermined period of time.". The task of organizing this information can be overwhelming. In addition to the millions of individual log entities that can be generated daily, all IT environments have reporting data logs. Additional recommendations to analyze and report on log data make manual processes or internally prepared solutions are insufficient and expensive for many organizations.

HMG organizations are required to follow Protective Monitoring for HMG ICT Systems, based on Communications-Electronic Security Group’s GPG 13 to gain access to UK GCSX, Government Connect Secure Extranet.

LogIT can simplify GPG 13 audits by giving direct address control obligations mandated. With the option to customize LogIT’s GPG 13 specific compliance module and reporting to your environment, our clients are empowered to build and maintain a secured compliance program. With case management, clients will be able to effortlessly conduct forensic investigations around incident response activity.

SOX requires that all publicly traded companies establish and follow a framework of internal controls that support accountability and integrity of the financial reporting process. A vital part of SOX requirements includes the collection, management, and analysis of log data. 

NERC has its own framework to protect bulk power systems against cybersecurity compromises that could result in operational failures or instability. The NERC CIP v5 further addresses cyber-related risks facing this sector by indorsing organizations to categorize BES, Bulk Electric Systems, into high, medium, and low impact. After being categorized, BES assets can have suitable CIP, Critical Infrastructure Protection, standard applied to address risk.

The PCI DSS was created to encourage and enhance cardholder data security and facilitate the extensive adoption of consistent data security measures worldwide. This applies to all organizations that store, process, and/or transmit cardholder data.

GLBA, also known as the Financial Modernization Act of 1999, was enacted to secure protection over customer records and information. To satisfy the riles and provisions of GLBA, financial institutions are obligated to perform security risk assessments, develop and implement security solutions that detect, prevent, and allow timely incident response effectively, and to perform auditing and monitoring of their security environment.