Armor Helps Simplify HIPAA Compliance
HITRUST CSF-Certified Solutions
Armor is certified by HITRUST whose framework is designed to simplify HIPAA compliance requirements by providing prescriptive compliance guidelines.
Inherited Compliance Controls
Our technology was built to address the risk-based nature of HIPAA compliance.
HIPAA Compliance Support
Our security team provides 24/7/365 support to help you overcome any compliance challenge.
A Focus on Security and Compliance
Armor continues to enhance protections and workflows to allow organizations subject to HIPAA to meet key controls while easily attesting to requirements for auditors.
When we looked at the market, we saw there were a lot of different tools out there, but what we really liked about Armor was transparency and simplicity of deploying the agents in our cloud. Armor increased SaRA Health’s speed to market by 15-20%.

Compliance Standards We Support


Inherited HITRUST CSF Controls
Armor customers benefit from inherited HITRUST CSF controls just by securing their data workloads and applications with our certified solutions. This means streamlined audits and cost savings for organizations.
Click on the tabs below to see key HITRUST CSF controls addressed by our solutions:
Armor Anywhere - HITRUST CSF Compliance Matrix
Armor Security Services | HIPAA/HITECH Controls | HITRUST CSF v8 Controls Required for Certification | Risk Mitigation |
Intrusion Detection/Prevention | Security best practice – implied control under 164.306(A) | 09.m | Malicious allowed traffic |
Internal Network Vulnerability Scanning | Included in §164.308(a)(1) | 10.m | Exploits due to missing patches/updates; improper network firewall configuration |
File Integrity Monitoring | §164.312(e) | 09.ab, 10.h | Monitoring unauthorized changes to critical files |
OS Patching | Security best practice implied control under 164.306(A) | 10.m | OS weaknesses |
Malware Protection | §164.308(a)(5)(ii)(B) | 09.ab(HT4), 10.h | Compromise due to virus/malware infection |
Log & Data Management | §164.308(a)(1)(ii)(D), §164.308(a)(5)(ii)(C), §164.312(b) | 09.aa, 09.ab, 09.ac | Detection of malicious activity |
Armor with Secure Hosting - HITRUST CSF Compliance Matrix
Armor Security Services | HIPAA/HITECH Controls | HITRUST CSF v8 Controls Required for Certification | Risk Mitigation |
IP Reputation Filtering | §164.308(a)(1)(ii)(A) | 09.m | Activity from known bad sources |
DDoS Mitigation | Security best practice implied control under 164.306(A) | 09.m, 09.h (included in Level 2 implementation) | Loss of availability due to high volume of malicious activity |
Web Application Firewall | Security best practice – implied control under 164.306(A) | 09.m | Application layer flaws and exploits |
Intrusion Detection/Prevention | Security best practice implied control under 164.306(A) | 09.m | Malicious allowed traffic |
Network Firewall (Hypervisor-Based) | Security best practice implied control under 164.306(A) | 01.m, 01.o, 01.w, 09.m | Unwanted network connectivity |
Secure Remote Access (Two-factor authentication) | §164.312(d), §164.312(a)(2)(iii) | 01.j, 05.i, 09.s | Unauthorized remote use of administrative access |
Secure Remote Administrative Access | §164.312(d) | 01.j, 05.i, 09.m, 09.s | Disclosure of administrative credentials |
OS Patching | Security best practice implied control under 164.306(A) | 10.m | OS weaknesses |
Malware Protection | §164.308(a)(5)(ii)(B) | 09.ab, 10.h | Compromise due to virus/malware infection |
Log & Data Management | §164.308(a)(1)(ii)(D), §164.308(a)(5)(ii)(C), §164.312(b) | 09.aa, 09.ab, 09.ac | Detection of malicious activity |
Physical Security | §164.310(a)(2)(i), §164.310(a)(2)(ii), §164.310(a)(2)(iii), §164.310(a)(2)(iv) | 08.b, 08.d, 08.j, 09.ab, 09.q | Physical theft or compromise of data |
Armor Compliance Expertise: HIPAA
Armor is HITRUST CSF certified. We are HIPAA compliance experts. In fact, HITRUST chose us to secure their MyCSF application.
Our talent and best-of-breed security technologies culminate in a heightened level of cloud security and compliance that only Armor can deliver.
- Our CISO Is Your CISO: Extend your cloud security roster with proven security talent. We streamline audits and assessments with hands-on expertise and guidance through any HIPAA and HITRUST CSF cloud compliance challenges.
- Certifiable Cyber Security Experts: The individuals in our Security Operations Center and compliance team have industry-leading certifications.
- Proven Cloud Security Results: Our Security Operations Center analyzes over 224M events and handles over 80 incidents daily.