# Infrastructure security

| CONTROL                                                                                                                                                                                                                                | STATUS |
| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ |
| <p><strong>Encryption key access restricted</strong></p><p>The company restricts privileged access to encryption keys to authorized users with a business need.</p>                                                                    | ✅      |
| <p><strong>Unique account authentication enforced</strong></p><p>The company requires authentication to systems and applications to use unique username and password or authorized Secure Socket Shell (SSH) keys.</p>                 | ✅      |
| <p><strong>Production application access restricted</strong></p><p>System access restricted to authorized access only</p>                                                                                                              | ✅      |
| <p><strong>Production database access restricted</strong></p><p>The company restricts privileged access to databases to authorized users with a business need.</p>                                                                     | ✅      |
| <p><strong>Firewall access restricted</strong></p><p>The company restricts privileged access to the firewall to authorized users with a business need.</p>                                                                             | ✅      |
| <p><strong>Production OS access restricted</strong></p><p>The company restricts privileged access to the operating system to authorized users with a business need.</p>                                                                | ✅      |
| <p><strong>Production network access restricted</strong></p><p>The company restricts privileged access to the production network to authorized users with a business need.</p>                                                         | ✅      |
| <p><strong>Unique network system authentication enforced</strong></p><p>The company requires authentication to the "production network" to use unique usernames and passwords or authorized Secure Socket Shell (SSH) keys.</p>        | ✅      |
| <p><strong>Remote access encrypted enforced</strong></p><p>The company's production systems can only be remotely accessed by authorized employees via an approved encrypted connection.</p>                                            | ✅      |
| <p><strong>Log management utilized</strong></p><p>The company utilizes a log management tool to identify events that may have a potential impact on the company's ability to achieve its security objectives.</p>                      | ✅      |
| <p><strong>Infrastructure performance monitored</strong></p><p>An infrastructure monitoring tool is utilized to monitor systems, infrastructure, and performance and generates alerts when specific predefined thresholds are met.</p> | ✅      |
| <p><strong>Network firewalls utilized</strong></p><p>The company uses firewalls and configures them to prevent unauthorized access.</p>                                                                                                | ✅      |
| <p><strong>Network and system hardening standards maintained</strong></p><p>The company's network and system hardening standards are documented, based on industry best practices, and reviewed at least annually.</p>                 | ✅      |