Security & Compliance Overview

Security Posture with TruGrid

TruGrid-Security-Overview-1

 

Potential Risks without TruGrid

End User:

  • No MFA / 2-step Verification
  • Unsecure TCP ports connections

Customer Infrastructure:

  • AD exposed to password cracking
  • No Identity Management risk detection
  • Firewalls exposed to port scanning
  • Firewalls exposed to DDoS attacks
  • VPN Gateway exposed to password hacking
  • No vulnerability scanning
  • No Intrusion Detection / Prevention
  • No geo-location IP blocking

 
No-TG-Remote-Access@2x

TruGrid Security & Compliance Details

Azure Hosting Facility Compliance

Encryption

  • Encrypted traffic
  • Transparent Data Encryption (TDE)
  • HTTP Strict Transport Security
  • Automatic HTTPS rewrites
  • Enforce Modern TLS (1.2 & 1.3)

Threat Prevention and Management

  • Vulnerability scanning
  • Database threat detection
  • Database vulnerability assessments

Network Security

  • DDoS mitigation
  • Network and IP abstraction
  • Firewalls
  • Virtual Network isolation

Authentication

  • Mandatory MFA
  • No AD passwords stored in our database
  • Proprietary AD anti-hacking features

Fraud Prevention

  • Identity Management risk detection
  • Multi-factor authentication
  • Geo-IP blocking (coming soon)

Application & Platform Security

  • Hosted on Microsoft Azure Platforms
  • Transparent Data Encryption (TDE) on databases
  • No AD passwords stored in our database
  • Role-based application security
  • Session time-out functionality

Other Security Considerations

  • We host all systems in the United States on Microsoft Azure
  • We are incorporated and headquartered in the United States
  • We are governed by the laws of the United States

TruGrid Application-Specific Compliance Information

  • PCI Compliance - We do not store customer credit cards or financial information in our database. We use a third-party provider for credit card processing. We securely transmit data to our PCI compliant payment provider via Point-to-Point Encryption (P2PE). TruGrid can help your company improve PCI compliance by eliminating the need for open RDP and HTTPS ports for remote access, and by adding MFA security to remote logins.

  • HIPAA Compliance - Neither our product, nor any single product, can help an organization achieve HIPAA compliance, however, our product can help an organization improve their HIPAA compliance by improving the security around remote access to healthcare information.

  • GDPR - We are committed to compliance with EU General Data Protection Regulation (GDPR) where applicable.

TruGrid simplifies Access and Device Security for organizations. With TruGrid, organizations can reduce complexity and costs associated with the use of Microsoft RDP and BitLocker Encryption Management, while protecting end-user logins. TruGrid can be implemented in minutes.

Contact Us
1-800-211-8332
info@trugrid.com
1100 E. Woodfield Rd., Suite 100A
Schaumburg, IL 60173

   
tg-icon.png
Copyright 2020