This section describes the network security protocols within the Monito business environment, including firewalls, intrusion prevention systems, and threat detection.
To protect the perimeter of the wireless network environment, we apply industry-standard wireless encryption to guard against unauthorized wireless traffic.
We maintain a synchronized time reference across all systems in the infrastructure for consistency in logging and operations.
Our Business service is built on a cloud-native architecture. Network security is managed at the virtual infrastructure level through the cloud provider.
Network security is layered on top of cloud-native security services and operates the following core controls.
Our firewall solution covers a broad range of security areas, including the following:
Network firewall
A virtual firewall that controls inbound and outbound traffic at the instance level, operating on a whitelist basis that allows only authorized IPs and ports.
Web Application Firewall (WAF)
Detects and blocks major web attacks such as SQL injection and XSS, as well as DDoS attacks.
Audit logging
Records key API calls and administrative events within the system for use in audit trails and anomaly detection.
Threat detection
A machine learning-based threat detection service that continuously monitors for abnormal access patterns, malicious IP communications, account takeover attempts, and more.
To protect our systems from malware, phishing, and viruses, we operate the following security systems.
Endpoint security solution
Provides active defense against potential threats, endpoint USB controls, and antivirus monitoring.
Web Application Firewall (WAF)
Detects and blocks web attacks such as SQL injection and XSS, as well as malicious bot traffic, providing application protection.
To respond to the latest threats, virus definitions are automatically updated on a regular basis.
We prioritize security across our entire solution, including iOS, Windows, Linux, and major web browsers. Through thorough patch management, we apply security patches promptly according to defined criteria and prioritize urgent vulnerabilities for early patching.
The firewall configuration follows a whitelist-based IP and port control approach that allows only authorized traffic.
To assess system security and identify potential vulnerabilities, we perform a comprehensive penetration test once a year.
Before major changes are applied, we conduct regular application security scanning, and findings are prioritized during the development process.
The Monito app provides a seamless experience for users to conduct and monitor online assessments on their devices.
The Monito app has passed the rigorous review processes of both the Google Play Store and the App Store, and is certified as meeting the required security standards.
To strengthen security, the Monito app requires user permissions at launch.
To maintain a secure mobile app environment, we conduct penetration testing once a year to identify and fix potential bugs and vulnerabilities.