Technical and Physical Controls
Updated over 4 months ago

Beacon Endpoint Security

The Beacon endpoint security program starts with asset inventory management. This involves maintaining a detailed asset inventory that tracks:

  • Machine configuration

  • Machine location

  • Software installed and associated approved software list (white-list)

  • Current assigned user/owner of the asset

  • Endpoint Detection and Response (EDR) solution, including its configuration

  • Host-based firewall, including its configuration

  • Host-based intrusion detection/prevention solution (HIDS/HIPS), including its configuration

The above assets are tracked, reviewed, and maintained on a regular basis. Asset patching and configurations are centrally managed, tracked, and alerted on.

Security Operations

In a layered security model, it is critical to build key security operations into daily processes to maintain the highest security posture possible. The security focus of Beacon is centered on secure processes that support the day-to-day management of the key elements of the Beacon platform.

Tracking Assets

As part of the Configuration and Change Management processes, the security program tracks a detailed inventory of all assets used for processing and support of the Beacon environment. This includes tracking and managing the role of each asset, its baseline configuration, and its software inventory, as well as managing and controlling the change process for all assets. The Configuration and Change Management processes are tightly controlled, including documentation, review, and approval of all modifications in the environment prior to supporting changes.

Change Management

In support of controlled change, the Change Management program establishes a change risk rating that identifies the impact of any change, descriptions of type(s) of change that meet tier change requirements, and the necessary processes for documenting, assessing, and approving change prior to implementation. The goal is to create an environment that supports controlled change and ensures those changes have gone through appropriate approvals prior to implementation, all with the intention of mitigating risk.

Configuration Management

The Baseline Configuration Management program establishes a clearly defined and repeatable baseline development and control approach that supports a predictable operating environment. The clearly defined baselines for each system component establish a configuration and suite of software that supports those components within the Beacon environment. The baselines are reviewed, at minimum, annually. In most cases, they are reviewed as frequently as daily to support routine changes (e.g., version updates, vulnerability patching) that are in the best interest of the system operation and security posture. Once new changes are identified, baseline updates are implemented and tested to validate the changes and limit the unintended impact of change. Once validated, the new baseline is documented and published for use.

Logging and Monitoring

Beacon employs comprehensive logging of system operations to track events for all networking, computing, and database system components for activity tracking and incident monitoring, alerting, and investigation. The logging program establishes alerting requirements and distribution, as well as the monitoring periodicity for all types of events and logs. These alerts are set up through automated observability and monitoring tools (e.g., Datadog, OpsGenie). Monitoring and review tasks are included in the regular schedule for all DevSecOps staff to increase the visibility of system operations and functions. This increases situational awareness throughout the team about how well the system is functioning.

Business Continuity Plan

The Business Continuity Plan starts with a risk-based approach for identifying key system elements, assessing their system criticality, and establishing appropriate failovers and redundancies to ensure system availability. We begin by identifying the system components and performing a risk assessment of each to determine the role it plays in the system and the criticality of the task(s) it performs. In cases where there are critical components, we identify alternate operational elements that can take over in the case of a component-specific event interruption (e.g., failover service, load-balanced component). By creating these alternate paths, we reduce the risk of each single point of failure and increase the overall availability of the system. To ensure operational availability, we regularly test these alternate paths to confirm they are providing the expected capability. All lessons learned from these tests are integrated into the Business Continuity Plan as part of the Beacon continuous improvement program.

Disaster Recovery Plan

In concert with the Business Continuity Plan, Beacon has an established Disaster Recovery Plan that defines operational steps for recovery of system operations when any system component or segment experiences an incident (e.g., downing event, interruption). The component risk assessment not only identifies the risk rating or impact of each component, but it also identifies alternate operational steps and recovery operations necessary to support continued system processing. Staff are provided alternate processing steps while administrators work to recover operations and return to normal processing capacity. As an ongoing safeguard, the Disaster Recovery Plan is tested regularly to validate its efficacy and integrate lessons learned back into this plan to support the Beacon commitment to continuous improvement.

Availability

Beacon is designed with resiliency in mind. The key underlying components are foundational to the system design to ensure automated system recovery and high availability of operational capabilities. Beacon leverages the Azure Kubernetes Service (AKS) to orchestrate system scaling (variance in processing demand), failure recovery, deployment, and load balancing. Kubernetes supports establishing resource thresholds for system processing. When the system drops below resource thresholds, AKS will start new resources to bring the system back to equilibrium.

System component risk assessments help drive threshold assignments for each component, as well as monitoring and alerting requirements, to ensure we have a clear perspective about system operations. Observability and alerting services keep key system support personnel aware of variances in operation, trends, and issues so that staff may actively address relevant issues.

Physical Security

Beacon leverages Microsoft Azure as its cloud service provider (CSP). This allows Beacon to take advantage of industry-leading cloud technologies and leave critical physical security controls to highly trained professionals who specialize in cloud tenant support. Azure’s SOC 2, Type 2 report can be found here.
