We don’t just say security is our top priority. We prove it.
With some of the largest Private School Organizations in America trusting MSP with their data, security is at the heart of what we do.
Physical security
Data Center buildings have strict physical access review and scrutiny. All physical access is monitored 24/7 by personnel. Multi-factor authentication is required for all visitors. Continuous monitoring for unauthorized access is done through video surveillance, intrusion detection, and access log monitoring systems.
IT Security
Additional security is applied to information technology rooms and systems including forced open door alarms, thread and electronic intrusion detection systems, multi-factor authentication, and media destruction per NIST 800-88.
Network Security
MSP employs a dedicated security team. All systems are monitored and alerted 24/7/365 for security and operational events. Host-based Intrusion Detection is deployed on all production systems.
Incident Response
MSP’s incident response planning and procedures are based on NIST standards. All incident reports are promptly investigated, reported and remediated as necessary. The response plan and procedures define all the steps to ensure a consistent process.
System Administration
Best practices are utilized, such as least privilege, central configuration management, and stringent host and network firewall policies. Servers are patched automatically on a regular schedule, with high-priority patches applied manually out-of-cycle.
Application Security
MSP’s developers are given annual training on secure coding. All application code is written by MSP Employees, and each change undergoes peer review. Security vulnerabilities are promptly triaged and corrected.
We handle your data how we’d want our own data handled. No exceptions.
MSP is proud to partner with Century Link, an industry-recognized leader for delivering managed hosting services to enterprises as well as state, local and federal governments.
Employees & Internal IT
In addition to developers receiving secure coding training, all employees participate in annual general security and data privacy training. Phishing drills are routinely run, and measured against industry benchmarks.
Compliance & Certifications
SOC 2 Type II, MSP has received independent certification of SOC 2 Type I compliance and is pursuing a Type II audit in 2019.
PCI Compliance
SOC 2 Type II, MSP has received independent certification of SOC 2 Type I compliance and is pursuing a Type II audit in 2019. Click here for more details.