White paper: a solution for healthcare

This totally free White Paper discusses the needs of healthcare providers and institutions, debunks some myths, and explains how to achieve the required levels of security and compliance.

Feel free to download it and use it under the CC BY-NC-ND 4.0 license.

Download “Solution-for-Healthcare-Complete.pdf” Solution-for-Healthcare-Complete.pdf – Downloaded 422 times – 732 KB

Understanding the security “preset configuration”

Syncplify.me Server! version: 4.0.0+

In the new Syncplify.me Server! v4.0, there’s a quite handy feature that allows a one-click configuration of many security settings at once, depending on the virtual server’s intended usage scenario.


Here’s a brief explanation of what each preset configuration means and what to expect when you apply it: Continue reading

PCI and HIPAA compliant administrative logs

Syncplify.me Server! version: 4.0.0+

Another requirement found in the latest versions of both PCI-DSS and HIPAA regulations is the necessity to keep an “untamperable” log of all configuration operations performed by any administrator.

Digitally signing every single log line is not enough, as the disloyal employee could simply delete some log lines entirely. Therefore each line should have a numeric incremental ID (to make it easier to spot “holes”) and each line’s digital signature should “roll over” and be calculated including the previous line’s digital signature in the signed data. This way an administrator cannot delete one (or several) log lines without being spotted.

Furthermore, to make log analysis even easier, each log line is not actually just a “line of plain text”, rather it’s a JSON object that can be easily queried. Here below you can see a typical “log line” showing a call to a configuration REST API and the relative response and signature: