OiX - A Promise of Security.

OiX has standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. OiX Hyperledger supports private (permissioned) Blockchain through its identity management service which authenticates all participants in the network. OiX adopts NIST Security standards FIPS ,compliant cryptography module to prove the authenticity and integrity of the digital assets. The OiX security authorization using the FedRAMP requirements which are FISMA compliant and based on the NIST 800-53 rev3, (800-53, 8003-47) and FIPS 199 and 200

• Improves real-time security visibility
• Increases confidence in security of OiX platform
• Provides a uniform approach to risk-based management
• Ensures consistent application of existing security practices
• Increases automation and near real-time data for continuous monitoring
• Accelerates the adoption of secure OiX platform through reuse of assessments and authorizations
• Improves the trustworthiness, reliability, consistency, and quality of the Federal security authorization process
• Achieve consistent security authorizations using a baseline set of agreed upon standards to be used for OiX product approval in or outside of FedRAMP
• Prevents anyone — even root users and administrators — from accessing sensitive information
• Deny illicit attempts to change data or applications within the network.
• Carefully guard encryption keys using the highest-grade security standards so they can never be misappropriated.

NETWORK SECURITY

OiX network security capabilities increase privacy and control network access.

These include:

• VPN and firewalls create private networks, and control network access
• Data in transit uses TLS Encryption across all services

OiX leverages auto-scaling DDoS mitigation technologies.

Data integrity services address the unauthorized or accidental modification of data. This includes data insertion, deletion, and modification. To ensure data integrity, a system must be able to detect unauthorized data modification. The goal is for the receiver of the data to verify that the data has not been altered. Confidentiality services restrict access to the content of sensitive data to only those individuals who are authorized to view the data.

Confidentiality measures prevent the unauthorized disclosure of information to unauthorized individuals or processes.

Identification and authentication services establish the validity of a transmission, message, and its originator. The goal is for the receiver of the data to determine its origin.

Non-repudiation services prevent an individual from denying that previous actions had been performed. The goal is to ensure that the recipient of the data is assured of the sender’s identity.

Know the OiX Shared Responsibility Model

OiX provides a secure global infrastructure and services. OiX shared responsibility model, which requires OiX and customers to work together towards security objectives. OiX provides secure infrastructure and services, while you, the customer, are responsible for secure operating systems, platforms, and data. OiX provides services and features you can use to enhance security. To ensure secure services, OiX provides technologies you can implement to protect data at rest and in transit.

OiX Advisories and Bulletins.

OiX provides advisories around current vulnerabilities and threats and enables customers to work with OiX security resources to address concerns like reporting abuse, vulnerabilities, and penetration testing.