# Infrastructure security | CONTROL | STATUS | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | |

Encryption key access restricted

The company restricts privileged access to encryption keys to authorized users with a business need.

| ✅ | |

Unique account authentication enforced

The company requires authentication to systems and applications to use unique username and password or authorized Secure Socket Shell (SSH) keys.

| ✅ | |

Production application access restricted

System access restricted to authorized access only

| ✅ | |

Production database access restricted

The company restricts privileged access to databases to authorized users with a business need.

| ✅ | |

Firewall access restricted

The company restricts privileged access to the firewall to authorized users with a business need.

| ✅ | |

Production OS access restricted

The company restricts privileged access to the operating system to authorized users with a business need.

| ✅ | |

Production network access restricted

The company restricts privileged access to the production network to authorized users with a business need.

| ✅ | |

Unique network system authentication enforced

The company requires authentication to the "production network" to use unique usernames and passwords or authorized Secure Socket Shell (SSH) keys.

| ✅ | |

Remote access encrypted enforced

The company's production systems can only be remotely accessed by authorized employees via an approved encrypted connection.

| ✅ | |

Log management utilized

The company utilizes a log management tool to identify events that may have a potential impact on the company's ability to achieve its security objectives.

| ✅ | |

Infrastructure performance monitored

An infrastructure monitoring tool is utilized to monitor systems, infrastructure, and performance and generates alerts when specific predefined thresholds are met.

| ✅ | |

Network firewalls utilized

The company uses firewalls and configures them to prevent unauthorized access.

| ✅ | |

Network and system hardening standards maintained

The company's network and system hardening standards are documented, based on industry best practices, and reviewed at least annually.

| ✅ | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.scribe-mail.com/scribe/security/what-scribe-does-concerning-security/infrastructure-security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.