Our Orion solution is completely secured; we implement the appropriate security processes and plans to prevent any intrusion into your network.

securite ESII

Security, availability and personal data protection are our top priority. The ESII organisation has a complete and robust set of policies and procedures that ensure continued information security, legal compliance and business continuity to support our clients.

  • Pentest: penetration tests carried out by an authorized company every 6 month.
  • Control and correction of main OWASP25 et SANS100 flaws directly from the source code.
  • Access control to the ORION platform only by name with a bastion of security and traceability of all actions carried out on an independent log server.
  • Passwords control with a centralized tool accessible by double authentification (with verification of password security scores – reliability, password compromise).
  • HTTPS and WSS network flows only OUTGOING on ports 443 and 8883.
  • Authentification server to the ORION solution with compliance with the French Information Security System Security Agency recommendations, protecting against Bute-force attacks, blocking after 10 attempts and possibility of SSO identity delegation on OpenID protocols.
  • Review and follow-up of internal documentation for all security-related procedures (Technical Architecture Document, Security Insurance Plan, General Security Policy of Health Information Systems…)