Client Name: Mindful Therapy 

Web site: https://mindfultherapygroup.com/   

Contacts: 

Megan Robitaille (Billing Operations Manager)  MRobitaille@mindfulsupportservices.com 

Adam Gower (Director of IT)  agower@mindfulsupportservices.com 

Trevor Ortiz (Information Security Manager) tortiz@mindfulsupportservices.com 

Howard Lince  (Solutions Architect) Howard.lince@infinit-o.com 

Wilmar Cundangan (IT Director - Infra/Security) wilmar.cundangan@infinit-o.com   

• Management

• IO Managed devices

• How will the team access the system?  

• All Web based 

• https://login.advancedmd.com/ 

• Will need to access Outlook inbox (InfinitoBilling@mindfulsupportservices.com) to get 2FA code. 

• https://teams.microsoft.com/ 

• Microsoft 365 sites 

• Availity - https://apps.availity.com REQUIRED US IP (ZSCALER US)

• Onehealthport 

• https://www.onehealthport.com/sso 

• Click on any of the carriers and it will bring you to the login 

• Noridian 

• https://www.noridianmedicareportal.com/web/nmp/home 

• Are there any restrictions in terms of connectivity?  REQUIRED US IP (ZSCALER US) on some sites. 

• Infinit-O IP address if they need to whitelist IP 

• Philippines IP: 124.6.149.58 and 27.110.152.198 

• Singapore IP: 18.141.124.204 

• If a region locked in the US,  then we may need to have them use our VPN (Tailscale hosted in Azure)  at an added cost. We will try to see if we can access full functionality using Zscaler US datacenters before considering VPN.  Pending Validation for other sites

• Connectivity test and shadowing access requirements requirements 

• Aiden Digno <aiden.digno@infinit-o.com> 

• Bryan Mao Ocampo <bryan.ocampo@infinit-o.com> 

• Patricia Joy Vasco <patricia.latagan@infinit-o.com> 

• The primary mode of Communication .  

• Email/MSteams/Sharepoint  

• Establish and agree on  protocol for secure file sharing or transfer between clients. (Operations)  

• Sharepoint  

• MSTeam 

• Are you allowing Infinit-O team members to access MSteams on their mobile device?

• Teamleaders and Managers No

• Team members No

• Are you allowing Infinit-O team members to user their mobile phones for MFA?

• Yes

Who is the IT POC for support escalation 

• Non-critical/urgent security questions/support: Teams Channel (IT tag) 

• For Infinit-O :   it.helpdesk@infinit-o.com 

• Who is the POC for reporting security breach and how will this be executed 

• For MindfulTherapy: pagerdutyalerts@mindfulsupportservices.com 

• The critical alerts email will contact our IT security team 24 hours a day 7 days a week and should only be used when immediate security support is needed (e.g. potential breach)  

• For Infinit-O :   it.helpdesk@infinit-o.com 

• wilmar.cundangan@infinit-o.com +63 917 5962657 

• Establish protocol for access setup and removal (client systems) 

• New hire and access revocation should be coursed through Infinit-O manager (Bryan Ocampo) 

• Access Onboarding and Offboarding

• Fill this form: https://www.cognitoforms.com/MindfulSupportServices/InfinitOOnBoardingOffBoarding 

• Share information on how each party will secure access to the systems in order to collaborate or propose additional security measures as necessary  

• Infinit-O  

• Windows 11 Pro  

• Bitlocker/Filevault 

• Jumpcloud for Identity management. With MF via TOTP/Yubikeys requirements. 

• EDR - Crowdstrike 

• RMM - Manage engine Endpoint Central  (patch management)  

• Zscaler - Secure webgateway  

• Google Workspace (Office Productivity)  

• Palo Alto /Cisco /Juniper (Firewall/switches/wifi systems) 

• 1Password 

• Client - for access to their system, what are the security measures involved so secure access to their systems (e.g. MFA, VPN, ZTNA)? 

• Microsoft Environment 

• Share other if possible 

• MFA 

• Approved IPs 

• Must use Windows device