Capsule8’s Comprehensive Linux Protection Platform Exceeds Standards for Access, Intrusion Detection and Prevention Systems, and File Integrity Monitoring Requirements
NEW YORK, New York – September 17, 2019 – Capsule8 today announced that Capsule8 Protect, its comprehensive protection platform for Linux production environments, has been certified as compliant with the Health Insurance Portability and Accountability Act (HIPAA). This validates that Capsule8 helps healthcare organizations achieve HIPAA compliance while protecting their Linux systems against intrusions, unauthorized file and system modifications, and unauthorized access of electronic patient health information (ePHI).
Capsule8 Protect is the industry’s only high-performance, real-time attack detection and prevention platform purpose-built for Linux production environments – whether containerized, virtualized or bare metal. Safe for the busiest workloads on the busiest networks, Capsule8 automatically detects and eliminates exploits in progress – without impeding the performance and reliability of production workloads. Scalable and cloud-agnostic, Capsule8 Protect features an “API-first” architecture for seamless technology integration, enabling healthcare organizations to capitalize on existing investments.
Developed by the U.S. Department of Health and Human Services in 1996, HIPAA establishes a national set of security standards for protecting certain health information that is held or transferred in electronic form. If any organization’s information processing capabilities can affect the security of ePHI, it must comply with the HIPAA standard. Importantly, ePHI must be maintained in a HIPAA-compliant manner, and ultimately be protected from breaches.
“Patient health information is a ‘premium’ resource for hackers that is often more valued – and compromised – than financial information. This is why a staggering 70% of healthcare organizations have experienced a data breach at least once in their history of operation,” said John Viega, co-founder and CEO of Capsule8. “With our new accreditation, Capsule8 has proven it can help companies securely handle ePHI and comply with the exacting requirements of the HIPAA standard.”
Following a rigorous evaluation by DirectDefense, a leading provider of HIPAA and security assessments, Capsule8 was deemed compliant for HIPAA controls regarding access, anti-virus, IDS/IPS and file integrity monitoring for architectures that rely on Linux for their host operating systems. Specifically, Capsule8 enables:
- Protection of system services from unauthorized access to ePHI – Capsule8 performs file access monitoring and alerts on unauthorized program access.
- Automatic or manual reconfiguration of access settings when there is an emergency – In the event of a suspected compromise, Capsule8 can put a Linux system into a secure mode, allowing only key administrator rights to ensure that the system is secure and to re-enable normal operations when conditions are safe again.
- Review and audit of key activity regarding access to ePHI – All actions pertaining to ePHI are logged, establishing a permanent record. Capsule8 applies a risk-based categorization for key audit events to determine the scope and magnitude of any potentially inappropriate access.
- Protection of production Linux systems from unwanted alteration or destruction – Capsule8 reports violations of security policies configured by system operators, allowing for complete audit logging of policy violations and specific response actions (if desired) for egregious policy breaches. Additionally, forensic data is stored in a database for further investigations.
- Protection of Linux systems from unauthorized access to services and data – Capsule8 employs integrity verification to detect unauthorized changes to ePHI and provides notifications to management upon discovering discrepancies during integrity verification.
- Immediate response to breaches of ePHI confidentiality – Capsule8 protects systems and data by performing actions configured to react to attempts at unauthorized access.
For more information about how Capsule8 helps healthcare organizations achieve HIPAA compliance, visit: https://capsule8.com/assets/ug/Datasheet-Capsule8-for-HIPAA-Compliance.pdf
Founded in fall 2016 and headquartered in Brooklyn, NY, Capsule8 is the only company providing high-performance attack protection for Linux production environments – whether containerized, virtualized, or bare metal. Capsule8 frees up SecOps teams, while being safe for even the busiest workloads, on the busiest networks. Founded by experienced hackers and seasoned security entrepreneurs, and funded by Bessemer Venture Partners, ClearSky and Intel Capital, Capsule8 is making it possible for Linux-powered enterprises to modernize without compromise. Learn more at www.Capsule8.com.
All product and company names herein may be trademarks of their respective owners.