Equipped against attacks from the outside
booking4med passes pentests with flying colors
Following the successful completion of the pentests for the web applications Referrer Portal and Patient Portal, as well as Teleradiology in March, the Appointment Booking Portal booking4med has now also been issued the new certificate.
Information and data security play a primary role for medavis. “That is why we regularly commission an external service provider, usd AG, to carry out so-called penetration tests of our web applications. Currently, our online appointment booking solution booking4med has successfully passed such a test and has been certified accordingly,” says product manager Samer Abdalla. Not only were the applications themselves put to the test, but also the resources required for them – in this case the cloud service infrastructure. Both the configuration and the applications running on the cloud have been assessed.
A penetration test, or pentest for short, simulates attacks of various types on the IT system landscape. The aim is to identify any vulnerabilities and possible points of attack as well as to uncover security gaps and thus ensure security at the technical and organizational level.
“usd AG, with whom we have been working for many years, applies strict testing criteria and is guided by the recommendations and guidelines of the German Federal Office for Information Security (BSI), the Open Source Security Testing Methodology Manual (OSSTMM), the Open Web Application Security Project (OWASP) and the requirements of the Payment Card Industry Data Security Standard (PCI DSS).The consulting company develops individual testing concepts for each product, which also take special requirements into account. This means that our customers and we can be really sure that our systems are immune to hacker attacks,” says Abdalla.
* Mandatory field: Please fill in all fields marked with *.
** Tracking consent: I agree that medavis GmbH can analyze my usage behavior in relation to the newsletter (e.g. which content is clicked on) in order to offer me newsletter content that is tailored to my interests. Further information can be found in our privacy statement. I can revoke this consent at any time with effect for the future by sending an e-mail to email@example.com or via the link in every e-mail I receive.