Prosight Healthcare RTLS Platform Cybersecurity & Compliance

Cox Prosight IoT Platform implements industry standard healthcare cybersecurity and compliance standards to help protect the layers of an IoT solution ranging from product development, product support, cloud infrastructure, and customer applications.

Product development

Cox Prosight IoT Platform and Applications are automatically inspected by our Continuous Integration (CI) system for security vulnerabilities. Software packages and dependencies are then audited against a known list of vulnerabilities.

Cloud infrastructure

Cox Prosight IoT Platform follows CIS Benchmarks for Cloud Platform’s to secure and audit cloud usage. By default, all data in transit (TLS versions 1.2 or greater) and at rest (AES256 or AES128) are encrypted on the cloud. Key infrastructure components (all follow security best practices and are designed to limit exposure to the web and restrict escalation of privileges. Access to production environments is limited to authorized VPN networks.

Software web applications

Endpoints exposed to the Internet are protected by firewalls to minimize the attack surface and mitigate against DDoS attacks. The system also enforces TLS encryption (1.2 or greater) and applies HTTP security. Web Application Firewall also follows OWASP best practices and are designed to prevent common web attaches including Cross-Site Scripting (XSS), SQL injection, and XML External Entities (XXE). JWT tokens and OAuth-based authentication schemes are used whenever applicable. All critical applications are also protected via 2-Factor Authentication to mitigate phishing attacks and unauthorized access.

Security Incident Handling

Cox Prosight follows NIST standards for Security Incident Management and Response Process
Identify Protect Detect Respond Recover

1. Identify

  • Identify and control who has access to your business information
  • Conduct background checks
  • Require individual user accounts for each employee
  • Create politics and procedures for cybersecurity

2. Protect

  • Limit employee access to data and information
  • Install Surge Protectors and Uninterruptible Power Supplies (UPS)
  • Patch your operating system and applications routinely
  • Install / activate software. Implement hardware firewalls on all your networks
  • Secure your wireless access point and networks
  • Set up web and email filters
  • Use encryption for sensitive business information
  • Dispose of old computers and media safely
  • Train your employees

3. Detect

  • Install and update anti-virus, anti-spyware, and other anti-malware programs
  • Maintain and monitor logs
  • Develop a plan for disasters and information security incidents

5. Recover

  • Make full backups of important business data and information
  • Continue to schedule incremental backups
  • Consider cyber insurance
  • Make improvements to process/ procedures/ technology

How our infrastructure comes together to streamline people, equipment and environmental tracking.

Security and Compliance chart
Asset Tags
chart link icon
BLE Tags
AES128 Encryption on data
Gateways & Sensors
chart link icon
Gateways
SSL Encryption, WP2 Enterprise Encryption
Network & Interface
chart link icon
Customer Network
Secure SSID and Firewall controls
chart link icon
Cloud Platform Security
AES256 or 128 encryption, TLS encryption
chart link icon
Access Controls
OIDC, LDAP, OKTA and MFA support
Asset Tags
Asset Mini Tag
Asset Tag Mini
Staff Tag from Cox Prosight
Staff Tag
Asset Tag from Cox Prosight
Asset Tag
Data Collected
signal arrowchart link icon
Gateways & Sensors
AC Gateway
AC Gateway
DC Gateway
DC Gateway
Environmental Sensor
Environmental Sensor
Data Connected
WiFi arrowchart link icon
signal arrowsignal arrow
Network & Interface
customer Wi-Fi routerProsight CORE logoCox Prosight application screen
Customer
Wi-Fi Router
Prosight
Application
chart link iconchart link iconchart link icon
Data Exchanged
Data Processed
Data Insight & Storage
wi-fi symbol
Wi-Fi
wi-fi symbol
Bluetooth