Mindful Therapy Client Onboarding: IT and Security

Mindful Therapy Client Onboarding: IT and Security

Client Name: Mindful Therapy 

Web site: https://mindfultherapygroup.com/   

 

Contacts: 

 

Megan Robitaille (Billing Operations Manager)  MRobitaille@mindfulsupportservices.com 

Adam Gower (Director of IT)  agower@mindfulsupportservices.com 

Trevor Ortiz (Information Security Manager) tortiz@mindfulsupportservices.com 

 

Howard Lince  (Solutions Architect) Howard.lince@infinit-o.com 

Wilmar Cundangan (IT Director - Infra/Security) wilmar.cundangan@infinit-o.com   

 

  • Management

    • IO Managed devices

  • How will the team access the system?  

  • All Web based 

  • Microsoft 365 sites 

  • Click on any of the carriers and it will bring you to the login 

  • Are there any restrictions in terms of connectivity?  REQUIRED US IP (ZSCALER US) on some sites. 

  • Infinit-O IP address if they need to whitelist IP 

  • Philippines IP: 124.6.149.58 and 27.110.152.198 

  • Singapore IP: 18.141.124.204 

  • If a region locked in the US,  then we may need to have them use our VPN (Tailscale hosted in Azure)  at an added cost. We will try to see if we can access full functionality using Zscaler US datacenters before considering VPN.  Pending Validation for other sites

  • Connectivity test and shadowing access requirements requirements 

  • Aiden Digno <aiden.digno@infinit-o.com> 

  • Bryan Mao Ocampo <bryan.ocampo@infinit-o.com> 

  • Patricia Joy Vasco <patricia.latagan@infinit-o.com> 

  • The primary mode of Communication .  

  • Email/MSteams/Sharepoint  

  • Establish and agree on  protocol for secure file sharing or transfer between clients. (Operations)  

  • Sharepoint  

  • MSTeam 

  • Are you allowing Infinit-O team members to access MSteams on their mobile device?

    • Teamleaders and Managers No

    • Team members No

  • Are you allowing Infinit-O team members to user their mobile phones for MFA?

  • Yes

Who is the IT POC for support escalation 

  • Non-critical/urgent security questions/support: Teams Channel (IT tag) 

  • For Infinit-O :   it.helpdesk@infinit-o.com 

  • Who is the POC for reporting security breach and how will this be executed 

  • The critical alerts email will contact our IT security team 24 hours a day 7 days a week and should only be used when immediate security support is needed (e.g. potential breach)  

  • For Infinit-O :   it.helpdesk@infinit-o.com 

  • wilmar.cundangan@infinit-o.com +63 917 5962657 

  • Establish protocol for access setup and removal (client systems) 

  • New hire and access revocation should be coursed through Infinit-O manager (Bryan Ocampo) 

  • Share information on how each party will secure access to the systems in order to collaborate or propose additional security measures as necessary  

  • Infinit-O  

  • Windows 11 Pro  

  • Bitlocker/Filevault 

  • Jumpcloud for Identity management. With MF via TOTP/Yubikeys requirements. 

  • EDR - Crowdstrike 

  • RMM - Manage engine Endpoint Central  (patch management)  

  • Zscaler - Secure webgateway  

  • Google Workspace (Office Productivity)  

  • Palo Alto /Cisco /Juniper (Firewall/switches/wifi systems) 

  • 1Password 

  • Client - for access to their system, what are the security measures involved so secure access to their systems (e.g. MFA, VPN, ZTNA)? 

  • Microsoft Environment 

  • Share other if possible 

  • MFA 

  • Approved IPs 

  • Must use Windows device 


    • Related Articles

    • Client Services - Definitions

      Client Services Terms Definition Team Secondary research A methodology in research that makes use of existing data. A common example is web-research. Client Services Lead Qualification a process of assessing identified leads based on qualifying ...
    • Equipment Security

      Ref. No.: CPP-IT-0303_V2_Equipment Security.doc  Prepared W. Cundangan 04/26/2017 Approved R. Eldridge 05/01/2017 1.0  Objective   1.1 To set standard guidelines on securing company owned equipments.  2.0 Scope 2.1 This policy shall apply to all ...
    • Network Control and Security

      Ref. No.: CPP-IT-0302_V2_Network Security.doc  Prepared W. Cundangan 04/27/2017 Approved R. Eldridge 05/01/2017 1.0 Objective 1.1 This policy is aimed to ensure the protection of information in networks and relevant supporting network services.  2.0 ...
    • Zero Client Configuration for OOB Clients - Manila Instructions

      Configuring All-in-One Zero Clients for Out of Band Use Open a web browser and type in the IP address of the zero client. This will open the Admin Web Interface (AWI). Note: The IP address can be found under Options -> Information and click the ...
    • What should I do about the critical security update?

      The IT team has identified a vulnerability on company-issued laptops that poses a potential security risk. To ensure the protection of our systems and data, all team members must apply the necessary updates as soon as possible. Follow these steps to ...