ReviewMate

Security

Data Protection

Data at Rest

All datastores with customer data are encrypted at rest. Sensitive collections and tables also use row-level encryption.

This means the data is encrypted even before it hits the database so that neither physical access, nor logical access to the database, is enough to read the most sensitive information.

Data In Transit

Pickerson Solutions uses RSA 2048-bit encryption to establish a secure socket for network communications, using TLS 1.2 and SHA256withRSA, a hybrid cryptographic algorithm that combines the SHA-256 hashing algorithm with the RSA digital signature scheme. Implementing SHA256withRSA allows us to ensure data integrity and authenticity in our applications.

Secret Management

Pickerson Solutions uses the Advanced Encryption Standard (AES) to encrypt any sensitive information used in configuration files or in the databases, which prevents direct access by any individual, including employees of Pickerson Solutions.

Enterprise Security

Endpoint Protection

All corporate devices are centrally managed and utilize anti-malware protection. Endpoint security alerts are monitored with 24/7/365 coverage. We use MDM software to enforce secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.

Secure Remote Access

ReviewMate remote access ensures encrypted and authenticated connections using OpenVPN Connect, safeguarding sensitive data. Trust in our commitment to protect your information.

Security Education

Pickerson Solutions provides comprehensive security training to all employees upon onboarding and annually through educational modules within the Veracode platform. In addition, all new employees attend a mandatory onboarding session centered around key security principles. All new engineers also attend a mandatory onboarding session focused on secure coding principles and practices. Pickerson Solutions’ security team shares regular threat briefings with employees to inform them of important security and safety-related updates that require special attention or action.

Access Management

ReviewMate employees are granted access to applications based on their role and are deprovisioned upon termination of their employment. Further access must be approved according to the policies set for each application.

Product Security

Vulnerability Scanning

ReviewMate requires internal and external vulnerability scanning at key stages in the software development life cycle.

At our data center, we employ a range of tools to scan for vulnerabilities across networks, operating systems, endpoint protections like anti-malware and anti-virus software, appliances, physical security measures, intrusion detection and prevention systems, SIEM tools, firewalls, and system libraries.

Throughout product development and across all workstations at Pickerson Solutions, we conduct penetration testing, vulnerability scanning, and code scanning using a comprehensive suite of security tools. These tools address vulnerabilities associated with ReviewMate software, databases, networks, libraries, SSL encryption, and operating systems.

Our DevSecOps team monitors vulnerabilities daily and holds weekly meetings with the DevOps engineers and the product development team to ensure vulnerabilities are addressed in a timely manner, in accordance with our information security policy.

HIPAA compliance is a core pillar of ReviewMate™, ensuring the hospitals’ data, the patients’ data, and the auditors’ data are kept completely safe from risk. Since ReviewMate™ is a designated web-based application, many security features are implemented for all users right out of the box, with committed systems for the auditing firm. The data preserved after a secure import is encrypted and protected from external influences.

Confirm fidelity with more complex sign-on options. Integration with Google Duo.

Connect directly to an enterprise LDAP system from within ReviewMate.

End-to-end VPN tunneling compatibility with SOC2 certified compliance.

Import spreadsheets, universes of data, or any other third-party source of data into a central resource.