The DEA's Controlled Substance Ordering System (CSOS) allows for secure electronic transmission of Schedule I-V controlled substance orders without the supporting paper Form 222.
The DEA requires that auditors must validate that the cryptographic modules are FIPS 140-2 certified. Auditors must also validate all aspects of the software that are addressed in the regulations.
Core Vormetric capabilities that help meet all these compliance standards include:
Encryption and Key Management: Strong, centrally managed, file, volume and application encryption combined with simple, centralized key management that is transparent to processes, applications and users.
Access Policies and Privileged User Controls: Restrict access to encrypted data – permitting data to be decrypted only for authorized users and applications, while allowing privileged users to perform IT operations without the ability to see protected information.
Security Intelligence: Logs that capture access attempts to protected data, providing high value security intelligence information that can be used with a Security Information and Event Management (SIEM) solution and for compliance reporting.