At Relisc Corporation, security is our top priority. We leverage AWS's industry-leading infrastructure to protect your data and ensure the highest standards of operational integrity.

At Relisc Corporation, we are dedicated to creating a secure environment for our clients, ensuring the protection, confidentiality, and integrity of your data at every level. Our security program is grounded in AWS's advanced and proven security protocols, allowing us to leverage the same infrastructure trusted by top enterprises around the world.

Through AWS Security Hub, we monitor, audit, and optimize our security configurations continuously, identifying and mitigating potential threats before they can impact your data. By utilizing real-time alerts and proactive monitoring tools, we ensure your information is safeguarded around the clock. Additionally, we enforce rigorous encryption standards, stringent access controls, and comprehensive compliance checks to meet and exceed industry benchmarks.

With Relisc Corporation, your data remains protected 24/7, backed by the reliability and resilience of AWS's best-in-class security practices.

Relisc Corporation is fully committed to upholding industry compliance standards to ensure data protection and operational integrity. While we are actively pursuing SOC 2 certification as part of our commitment to robust security practices, we already have the necessary policies and procedures in place for compliance with HIPAA regulations. We have undergone multiple audits by our clients, all of which we passed without findings, reinforcing our dedication to security and compliance.

To maintain continuous oversight and proactive security management, we utilize AWS Security Hub along with services like GuardDuty, Inspector, and AWS WAF. These tools allow us to monitor our infrastructure against recognized standards and detect potential vulnerabilities. In Security Hub, we have activated key security frameworks, including:

• NIST Special Publication 800-53 Revision 5 for rigorous federal security and privacy controls,

• CIS AWS Foundations Benchmark v1.4.0 to align with AWS foundational security best practices, and

• AWS Foundational Security Best Practices v1.0.0 to ensure a comprehensive security baseline.

Annual Penetration Testing: We conduct an annual penetration test with a third-party security firm to identify and address any potential vulnerabilities. This independent assessment reinforces our ongoing commitment to the highest levels of security.

For network security, we deploy a layered approach combining Fortinet firewalls with AWS-native controls such as Security Groups and Network Access Control Lists (NACLs). This hybrid model enables robust protection for our network, adding extra layers of defense around our sensitive data and services.

Through these stringent controls, continuous monitoring, and dedication to compliance, Relisc Corporation upholds the highest standards in data security for our clients.

At Relisc Corporation, AWS GuardDuty and Security Hub serve as the cornerstone of our threat detection and incident response strategy. GuardDuty continuously monitors for malicious activity and unauthorized behavior, identifying potential security issues across our accounts and workloads. Security Hub consolidates findings from GuardDuty, Inspector, and other AWS services, providing us with a unified view of our security status. Together, they enable us to respond to threats in real-time, with automated alerts that trigger our incident response workflows.

This integrated approach allows us to quickly detect unusual activity, investigate potential threats, and respond with the necessary controls to neutralize risks. By leveraging these tools, we can minimize the likelihood of incidents escalating, thus protecting our clients’ data and maintaining operational resilience. With real-time threat intelligence from GuardDuty and comprehensive security insights from Security Hub, Relisc Corporation ensures that every possible risk is monitored, managed, and mitigated promptly.

At Relisc Corporation, we understand the critical importance of maintaining privacy and confidentiality for each client’s data. To ensure that data remains fully isolated, we implement a strict data segregation policy whereby each client’s data is encrypted with its own unique encryption key. This ensures that only authorized users associated with each client can access their data, providing a robust layer of security that prevents any crossover access between clients.

Data encryption is managed with the highest industry standards, protecting all data both at rest and in transit using AES-256 encryption and TLS 1.3, respectively. This means that client data is safeguarded from unauthorized access at every stage, regardless of how or where it is stored or transmitted.

To further protect sensitive information, we maintain rigorous access control policies and procedures that limit internal access to client data to the minimum necessary for operational purposes. Access requests are reviewed thoroughly, and access is only granted to personnel who require it to perform specific tasks. Additionally, we conduct regular access reviews to confirm that only the minimum necessary data is accessed, adhering to the principles of least privilege.

These data privacy protocols, combined with continuous monitoring and auditing, reinforce our commitment to safeguarding client information. By maintaining strict data separation, encryption, and access control measures, Relisc Corporation provides clients with peace of mind, knowing their data is secure, private, and handled with the utmost integrity.

Data Encryption. 

At Relisc Corporation, we prioritize data protection through stringent encryption protocols, safeguarding all client information from unauthorized access. Data is encrypted both at rest and in transit, ensuring its security throughout its lifecycle. For data at rest, we utilize AES-256 encryption, an industry-standard algorithm known for its robust, government-grade security. This means that data stored in databases, storage services, and backups is protected by one of the most secure encryption standards available today.

For data in transit, we employ TLS 1.3 encryption to secure all data transfers across networks, including between client devices, our applications, and AWS services. TLS (Transport Layer Security) establishes a secure connection, preventing interception or tampering with sensitive information. By combining these encryption methods, we ensure that client data is secure, whether it’s being stored or transmitted.

Access Management

Access to sensitive data and resources at Relisc Corporation is tightly controlled using AWS Identity and Access Management (IAM) policies. IAM allows us to define granular permissions for each user, service, and application, ensuring that individuals only have access to the resources they need to perform their roles. We follow the principle of least privilege, meaning permissions are granted conservatively and reviewed regularly to maintain optimal security.

Our IAM policies are carefully designed to limit access based on role, function, and purpose, preventing unnecessary exposure to sensitive data. In addition, we leverage AWS features such as multi-factor authentication (MFA), access logging, and conditional access policies to add layers of security. AWS’s robust access management capabilities provide the flexibility and control needed to secure client data while facilitating smooth operations within our secure environment.

API Security

Relisc Corporation’s APIs, managed through AWS API Gateway, are built with security as a foundational priority. Every API is protected by strict authentication protocols to ensure that only authorized users can access or interact with sensitive data. We enforce secure integrations with services like AWS Cognito for authentication, allowing us to confirm user identities through secure tokens and implement granular access control at every endpoint.

In addition to authentication, our APIs are protected by AWS Web Application Firewall (WAF), which guards against common web vulnerabilities, such as SQL injection and cross-site scripting. This layered security approach ensures that our APIs remain resilient against attacks while providing clients with a seamless, secure experience when interacting with our services.