Sales: 866.620.7516 |
Technical Support:

Security and Compliance

Most mission critical IT Systems have commercial or federal compliance requirements. We help our clients maneuver through the challenges presented by government compliance regulations and FISMA compliance issues to create a customized program that meets all information security management needs. These solutions focus on data security and areas needed to achieve certificate of compliance.


Federal Risk Authorization Management Program

The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services, allowing the U.S. Federal government to realize the benefits of cloud computing faster through a single authorization process.

Cloud Service Providers (CSPs) interested in serving federal organizations must meet rigorous government mandated security requirements. To ensure CSPs meet these standards, they must be audited by a Third Party Assessment Organization (3PAO) before they can receive a P-ATO. As an accredited 3PAO organization, Kratos SecureInfo is assisting VAZATA with the FedRAMP authorization process.

VAZATA is the 21st company to achieve this authorization. With a rigorous audit occurring every 30 days, VAZATA has the distinction of being one the most compliant technology providers, having attained the highest level of security and performance set by FedRAMP’s stringent compliance standards.

Security and Compliance for the Healthcare Industry

VAZATA’s Infrastructure as a Service (IaaS) solutions deliver the highest standards in compliance, security, and performance in the healthcare industry. VAZATA is uniquely positioned to provide a solution intended to protect electronic medical records (EMR), electronic protected healthcare information (ePHI) and other sensitive data by lowering your risk of intrusion and consistently having patient information accessible to authorized medical practitioners.

VAZATA has been declared “HIPAA Compliant” by the independent assessment firm Kratos/SecureInfo. HIPAA - the Health Information Portability and Accountability Act, is a guiding standard from the U.S. Department of Health and Human Services, intended to protect the confidentiality of Protected Health Information (PHI). The standards are rigorous, particularly related to physical security at Cloud Service Provider datacenters. The seal of HIPAA compliance assures customers that VAZATA is providing a purpose-built platform that can serve as the cornerstone of their success, security and data compliance.

The seal of compliance from Kratos/SecureInfo indicates VAZATA has passed the HIPAA data requirements for 2015.

Risks to Consider

NIST SP 800-30 describes the identification of the threat, the threat source and the threat action for use in the assessment process. The following threats were determined by KTTS to be most applicable to the VAZATA Colocation environment:

Human Threats

  • Unauthorized access to data/theft
  • Malicious damage/destruction of software/hardware
  • Unauthorized physical access
  • Unauthorized modification of software/hardware
  • Burglary

Natural Threats

  • External Flooding
  • Tornado Damage

Environmental Threats

  • Power failure/fluctuation
  • HVAC failure
  • Hardware malfunction
  • System software failure
  • Communication system failure
  • Flood/water damage
  • Hazardous waste

Want to Schedule a Meeting?

Are you interested in learning more?