
Data Security & Compliance
NIST 800-53 & ISO 27001
Defensible Data Security
We Don’t Take Chances With Your Assets
In the energy sector and public health, data security isn't a feature; it is the foundation of your license to operate. Whether we are handling Proprietary Exploration Data or Protected Health Information (PHI), we treat your information with the same rigor required by federal agencies.


Core Security Protocols


The Digital Defense: Deep Dive
Rigorous Compliance Frameworks
We operate on a security framework designed to withstand scrutiny from federal auditors and corporate IT departments.
- NIST 800-53 Aligned: Our infrastructure is built on the controls defined by the National Institute of Standards and Technology (NIST), the framework used by U.S. federal information systems.
- ISO 27001 & HITRUST Certified: Our data centers maintain third-party certifications for Information Security Management and healthcare data protection.
- Biometric-Gated Physical Access: Server room entry is strictly limited to authorized personnel via biometric authentication.


Real-Time Threat Management (SIEM)
We do not rely on passive defenses. We actively monitor our network 24/7/365.
- Rapid7 SIEM: We use Rapid7 for Security Information and Event Management, providing real-time visibility and automated alerts for any suspicious network activity.
- SentinelOne Antivirus: Our endpoints are protected by AI-driven antivirus software designed to detect and neutralize advanced malware and ransomware attacks instantly.
- Fortinet Firewalls: We utilize robust perimeter defenses to strictly control traffic entering and leaving our environment.
- Fortinet MFA-Enforced VPN: All remote access is strictly gated by Fortinet’s Virtual Private Network with mandatory Multi-Factor Authentication (MFA).

Cloud Infrastructure Security (Microsoft 365 Environment)
WHR leverages the Microsoft 365 Enterprise ecosystem for secure collaboration, utilizing a defense-in-depth strategy for data storage and transfer.

Data at Rest Protection (Storage)
All data stored in our cloud environment (SharePoint, OneDrive) is protected by three distinct encryption layers:
- Azure Storage Service Encryption (SSE): We utilize 256-bit AES encryption, compliant with FIPS 140-2 standards, to render data unreadable on the physical storage media.
- BitLocker Disk Encryption: We enforce volume-level encryption on physical disks within the data center, preventing unauthorized access via hardware theft or exposure.
- Per-File Encryption: Every individual file is encrypted with a unique AES-256 key. Keys are rotated upon every update, ensuring that a compromise of one key does not compromise the entire dataset.
- Segregated Key Management: We utilize a Secure Key Management architecture where encryption keys are stored in physically separate, hardened security modules, distinct from the data itself. This prevents unauthorized decryption even in the event of a storage compromise.

Segregated Key Management (Transfer)
- TLS 1.2 Enforcement: All client-server communications (uploads, downloads, and Teams chats) are secured via HTTPS using Transport Layer Security (TLS) 1.2 protocols, effectively neutralizing eavesdropping and Man-in-the-Middle (MitM) attacks.

Mitigating Liabilities
Today's environment demands that research also protect your financial and operational assets. Our framework is designed for the high-stakes contexts you face.
Active Defense: Unified Threat Management
We bridge the gap between physical and cloud security using Rapid7 SIEM. The system integrates logs from our on-premises hardware and Microsoft 365 tenant into a single pane of glass. This comprehensive visibility ensures that threats moving laterally between cloud and local environments are detected and flagged immediately via automated alerting protocols.

Validated Governance: Third-Party Certification
WHR’s security posture is not theoretical; it is validated through rigorous external auditing. We maintain active adherence to HITRUST and ISO 27001 frameworks, ensuring our control environments meet the highest international benchmarks for risk management and data protection.

Personnel Security: Data Security is Everyone’s Job
Technology is only as strong as the people using it. We enforce a culture of accountability.
- Continuous Training: Our team is trained to recognize and neutralize threats. We conduct regular, mandatory workshops on data privacy and threat awareness.
- Strict NDAs: Your secrets stay safe. Every member of our team signs a comprehensive Non-Disclosure Agreement (NDA) to protect your intellectual property and stakeholder data.
