IDS Policy

In order to preserve the integrity of data that Praktice AI stores, processes, or transmits for Customers, Praktice AI implements strong intrusion detection tools and policies to proactively track and retroactively investigate unauthorized access. Praktice AI currently utilizes OSSEC to track file system integrity, monitor log data, and detect rootkit access.
15.1 Applicable Standards
15.1.1 Applicable Standards from the HITRUST Common Security Framework
09.ab - Monitoring System Use
06.e - Prevention of Misuse of Information
10.h - Control of Operational Software
15.1.2 Applicable Standards from the HIPAA Security Rule
164.312(b) - Audit Controls
15.2 Intrusion Detection Policy
OSSEC is used to monitor and correlate log data from different systems on an ongoing basis. Reports generated by OSSEC are reviewed by the Security Officer on a monthly basis.
OSSEC generates alerts to analyze and investigate suspicious activity or suspected violations.
OSSEC monitors file system integrity and sends real time alerts when suspicious changes are made to the file system.
Automatic monitoring is done to identify patterns that might signify the lack of availability of certain services and systems (e.g., DoS attacks).
All configuration changes are tested before being pushed into production. All critical configurations are reviewed every quarter.