Skip to main content
Version: v2.0.1

Cybersecurity information

The following cybersecurity indications are provided to inform users regarding critical security information and guidance to prevent the exploitation of cybersecurity vulnerabilities of MySegmenter (v2.0.1):

  • Cybersecurity Features

    • Data Encryption: All patient data is encrypted both at rest and in transit using SSL.
    • User Authentication:: Password authentication is required for all user accounts, in order to access web component or desktop software.

  • Known Cybersecurity Risks

    • Concurrent user logins: User accounts allow multiple users to be connected concurrently at the same time in the same account; is important that user takes prevision on the personnel that have access to each of the purchased account to ensure that unauthorized access is prevented

  • User Responsibilities

    • Password Management: Users must create strong passwords and change them regularly. Do not share passwords with others.
    • Software Updates: Regularly check for emails from by MySegmenter regarding new versions of the software. These versions can be downloaded from the user account in: https://mysegmenter.com.
    • Incident Reporting: Report any suspicious activity or potential security breaches to contact@mysegmenter.com immediately.

  • Regulatory Compliance

    • FDA Guidance Compliance: This software device meets the FDA's cybersecurity requirements as outlined in FDA’s Guidance ‘Cybersecurity in medical devices: Quality system considerations and content of premarket submissions’, Sept 2023.

  • Incident Response

    • Contact Information: In case of a cybersecurity incident, contact MySegmenter Technologies Inc. immediately at contact@mysegmenter.com or call + 1 302 549 2288.
    • Response Plan: MySegmenter Technologies Inc. has an established incident response plan that includes immediate threat assessment, mitigation steps, and notification procedures to minimize the impact of any cybersecurity breach. In case any incident affect software services, this will be indicated by official email contact@mysegmenter.com with mitigation indications.

  • Post-Market Surveillance

    • Ongoing Monitoring: MySegmenter Technologies Inc. continuously monitors for new vulnerabilities and threats and provides security patches as needed.
    • User Feedback: Users are encouraged to report any vulnerabilities or security concerns to help improve the software's security posture.

  • Cybersecurity control diagrams:

The MySegmenter v2.0.1 utilizes a secured web-component structure to ensure the user information is managed securely through all its components: Security infrastructure of the web-component

Additionally, MySegmenter offers to the users’ configurable authentication feature to manage and protect your licenses and manage your active devices. The authentication feature has the following characteristics:

  1. Username The feature utilizes an Email ID as username to access, the user is able to register their account with an email, and this email becomes the username to access their MySegmenter account.
  2. Password The feature utilizes a unique password to access the account, the password is required to access the MySegmenter web component and to initialize the desktop application.
    Security infrastructure of the web-component

Note It is important to highlight that users can modify these credentials in their user account on the MySegmenter user page

  • Credentials management

The MySegmenter (v2.0.1) utilizes a credential validations system to provide access to the software composed by a Username and a Password. The process for the creation of user credentials goes as following:

  • Credentials creation: User credentials are created upon registration of new usersFirst click on the Signup/Login icon. Afterwards, click on the sign up option displayed.

Main MySegmenter webpage

Fill up the data required, click on the ReCaptcha validation, and lastly click on the sign up button below. To confirm registration, MySegmenter will revise the request, and it will provide a confirmation email to complete the account creation.

Sing up page

  • Password modification: To preserve the integrity of the account’s security, the MySegmenter allows user to modify their password in their account on the webcomponent. Passwords can be modified as follows:

  • Forgot password: Forgotten passwords can be recovered and changed as follows:

    • Access the Mysegmenter Login Page: From the main Mysegmenter login page, locate the "Forgot Password" button. This is usually positioned below the password input field. Click on the "Forgot Password" `button.

Forgot password location

  • Enter register email address: On the "Forgot Password" page, you will find an input field labeled "Email Address. Then, enter the email address associated with your Mysegmenter account into this field; and Complete reCAPTCHA process.

Forgot password interface

  • Submit request: Click the "Submit" button to initiate the password reset process. Once you successfully click submit button you will see the confirmation message on screen as “We have successfully sent a password reset link to your registered email address.”

Forgot password interface

  • Check Email Inbox: Access your email inbox and locate the email from MySegmenter. It will contain a link for resetting your password
  • Reset Password: Click on the link provided in the email or follow the instructions to create a new password for your MySegmenter account.
  • Login with New Password: Return to the MySegmenter login page and enter your new password along with your email address, Complete ReCAPTCHA process, and Click the "Login" button to access your account.
  • Password Update: Users can modify their password at any given time in the webcomponent as follows:
    • Access the Password Update Page: When you logged in to your MySegmenter account, navigate to the "Profile" section. This is typically located in the top right corner or within a menu, and look for an option "Update Password," Click on it.

Password update option location

  • Enter Current Password: You'll be directed to the password update page, locate the field labeled "Old Password" or similar, and enter your current password in this field.

  • Create New Password: In the "New Password" field, create your new password, and Ensure it meets the following criteria for a strong password:

    • a Combination of uppercase and lowercase letters
    • b Inclusion of numbers
    • c Use of symbols
    • d Length of at least 8 characters

  • Confirm New Password: In the "Confirm New Password" field, re-enter the new password you just created.

  • Change Password Click on the "Change Password" button, and the system will process your request.

  • Log out and Log in: Once the password update is successful, log out of the MySegmenter application, and log back in using your newly created password to confirm that the changes have taken effect

  • List Network ports

The web component of the MySegmenter (v2.0.1) utilizes the following ports:

  • Port-22:

    • Inbound and outbound
    • To reduce the risk of malicious activity, we have inbound access to port 22 is only allowed to IP addresses that require it. Unrestricted access to port 22 can significantly increase the risk of hacking, man-in-the-middle (MITM) attacks, and brute-force attempts. To enhance security,access should be restricted to trusted IPs (Developers IP) only.

  • Port-80:

    • Inbound
    • A network port that allows web servers to communicate with web browsers using HTTP (Hypertext Transfer Protocol)
    • HTTP (Hypertext Transfer Protocol)
    • Kept open as SSL certificate updating using that port

  • Port-443:

    • Inbound
    • The standard port for HTTPS, which is a secure version of HTTP. Port 443 uses SSL/TLS to encrypt data, which protects it from being intercepted by eavesdroppers. Port 443 creates a secure tunnel between the web browser and the website.

  • Port-3306:

    • Inbound
    • When an application wants to access data stored in a MySQL database, it makes a connection to it over port 3306. Once the MySQL server authenticates the connection, the application can query the database using a language called SQL.

  • Technical requirements

MySegmenter Technologies Inc. provides a network infrastructure for the web component that prioritize the reliability and safety of the data managed by implementing different security controls in their webpage and desktop software. Currently, only the minimum system requirements indicated in Section 6 are necessary for the proper functioning of the cybersecurity controls. It’s still heavily recommended that users maintain firewalls and antivirus active and updated for general security purposes

  • Features to preserve critical functionalities

In order to preserve the key functionalities of the software, the following features are provided in case a vulnerability exploited in the web component denies access to the software:

  • Auto save: The application includes an autosave feature with a customizable save frequency,adjustable within settings, to prevent data loss during unexpected shutdowns.
  • Crash Recovery: Upon detecting a crash, the application allows users to manage multiple crashed sessions stored in a temporary location. When relaunching, users are prompted to either restore cases from the list of previous sessions or start the software fresh without restoring.
  • License Verification: After login, the application verifies license availability. If all licenses are in use, it displays a list of licenses along with the associated machines, helping users manage active sessions effectively.
  • Logging: The logging feature includes options for setting log retention periods, allowing organizations to define log duration in alignment with their protocols. Additionally, users can easily open the log directory or export logs for analysis.
  • DICOM Anonymization: The application provides DICOM anonymization functionality to ensure sensitive patient data is protected, enabling users to anonymize identifiable information in DICOM files before sharing or exporting data.

The data for Autosave, logging and crash recovery functionalities will be saved on the C:\Users (username)\AppData\Local\Temp\MySegmenter folder in the user device. In addition, all data utilize by the application is fully obfuscated using bytecode python conversion to avoid potential tampering

The recovering data will be stored until saving operation is performed by the user or the user device is restarted.

Note: User needs to preserve their generated files such as models or projects in secure locations to avoid potential disclosure, or tampering from unauthorized users

  • Backup and restore features

In order to preserve the integrity of the user data for the desktop application and for the web-component; the following features are provided:

  • MySegmenter Desktop component:
    • Autosave feature: The autosave features once enabled create saved files on a user defined period of time and preserves all the changes performed and its settings.
    • Recovery feature: The recovery feature when the device is suddenly closed due to a bug. The recovery feature allows the user to load the last saved file on the project if this either Saved or AutoSaved.
  • MySegmenter Web-component:
    • User information: The MySegmenter utilizes Keygen service to store all the user related data.Keygen has strong security policies in place for their own personnel, as well as for the infrastructure used. In addition to the main server, Keygen also encrypts data backups in other locations within the USA in case anything happens to the main servers. In addition, Keygen also provides DDoS mitigation techniques to ensure uninterrupted service and business continuity
    • User data restoring: Keygen utilizes Heroku Postgres to provide continuous protection for all the user data. Recovery databases are created by retrieving these backups and replaying them on a new Postgres installation. This secure storage allows for complete user data recovery in case of hardware failures, data corruption, or service interruptions; allowing to provide access to the MySegmenter (v2.0.1) in a short window of time.
  • Retention features: In order to preserve the security credentials provided by the user, the MySegmenter (v2.0.1) provides the License token feature
    The security token feature in MySegmenter is designed to enable quick access to the software after the user logs in for the first time. The functionality works as follows:
    • First Login: When the software is opened for the first time after the user's device is started, the user must provide their credentials for authentication.
    • Token Creation: Once the user's credentials are validated, MySegmenter will generate a security token on the user's device. This token contains the user's security credentials.
    • Quick Access: The security token allows the user to access the software immediately without needing to enter credentials again, even if the application is closed and reopened — as long as the device is not restarted.
    • User Dashboard Verification: The machine and license information associated with the security token can be verified on the MySegmenter web component user dashboard.

This feature enhances usability by enabling faster access while maintaining security.

  • Default security configuration

During the registration process for an account created in the MySegmenter web-component, user will be able to create a password during initial sign up, and this will be the initial set of credentials required to access the device. The MySegmenter provides the opportunity to modify user account credentials in the "My Profile” tab on web-component afterwards if required by user.

All the files generated by the MySegmenter will be saved in the local device of the user, for this reason is heavily suggested that users follow the cybersecurity precautions indicated in section 9.14.

  • Recommendations for security configuration

The following recommendations are provided to the user for the configuration of the security features provided by the application.

  • User email:

    • Always utilize active email directions that are currently employed by the user.
    • Ensure MySegmenter Technologies Inc email direction is not listed on the spam directory.
    • Ensure additional methods for email access are enabled to not lose access to the MySegmenter platform.

  • Password:

    • It's recommended that passwords possess the following structure to reduce potential account password breaches:
      • Create a password of 8-12 Characters
      • Make sure password contains at least 1 uppercase letter.
      • Make sure password contains at least 1 lowercase letter.
      • Ensure password contains at least 1 number
      • Ensure pasword contains at least 1 special character
    • Ensure password is not shared to unauthorized users.

  • Security data recorded:

To ensure the security and accessibility of the application, the different elements of the web component will capture different events for security. The following data will be captured by MySegmenter Technologies Inc for security activities:

  • Keygen: The information from Keygen platform will be only accessible by limited personnel within MySegmenter Technologies Inc. The user and license data will be kept in Keygen platform, and it is downloadable by MySegmenter Technologies Inc as PDF format for its transmission through mysegmenter.com admin panel
    • Creation of new users: Any newly created user will be captured on the Keygen server with the information associated to their profile.
    • Modification of user details: Any modification to any of the existing user profiles such as name, email, and/or password change
  • Stripe: The information from Stripe platform will be only accessible by limited personnel within MySegmenter Technologies Inc. The data captured will be kept on the Stripe platform, and it is downloadable by MySegmenter Technologies Inc admin as PDF format for its transmission.
    • Transaction information: Information regarding each transaction performed by the user including date, amount, and payment information.
  • MySegmenter: The recorded information of the log files recorded by the MySegmenter desktop component are located in the following folder in “.txt” file format: C:\Users<Username>\AppData\Local\3d surgical\MySegmenter\Logs. The following elements are recorded:
    • Session information
    • Information of the user account and device utilized.
    • Operations performed during the session (all event capture)
    • Log record duration selection through settings
    • Log recycling, access and archive using settings
  • Security logs: To ensure the security of the application, security logs will be collected from the application infrastructure. These logs will be analyzed in real time by MySegmenter Technologies Inc.'s SIEM system to detect and respond to potential security threats.
    • Security Events: MySegmenter Technologies Inc. will record critical security events, including user authentication, account creation, server requests, access attempts, and purchases. These logs will provide a comprehensive audit trail for security analysis and compliance.
    • Log Sources
      • Security logs will be generated from multiple sources, including:
      • Firewalls
      • AWS servers hosting MySegmenter
      • All collected logs will be standardized and securely stored in a centralized logging system for further analysis by the SIEM platform
    • Log Format and Retention: Security logs will be stored in JSON or Common Event Format (CEF) and continuously analyzed by the SIEM system as events occur. Logs will be archived monthly to facilitate trend analysis and long-term security insights.
    • Continuous Monitoring & Incident Response: Security administrators will actively monitor SIEM alerts in real time and respond to potential threats in accordance with internal incident response procedures. Newly identified vulnerabilities will be documented, analyzed, and mitigated based on their severity.
    • Cybersecurity Incident Handling: In the event of a security incident, authorized personnel will analyze logs generated by the SIEM system, cross-referencing them with data from third-party services and, when necessary, requesting additional logs from affected users for a thorough investigation.

In case of cybersecurity incidents occurs, authorized personnel from MySegmenter Technologies Inc. will revise utilize the security log generated recorded from the SIEM, in addition to the information obtained from third party platforms, request log files from users for further analysis.

  • Cybersecurity component support:

MySegmenter (v2.0.1) and its web-component do not utilize external components on their infrastructure that are subject to decommission on time. However, any change in third party services utilized by the application will be notified to users.

  • Procedures to remove user information

To comply with GDPR data requirements, MySegmenter Technologies Inc ensures all users have the right to delete their data from our servers on request. The following steps are required to request a data removal procedure:

  • Write an email request to our contact contact@mysegmenter.com, and with the Subject: “Data removal request”. Provide in the body of the email the following information to follow up with the request:

    • Username of the account in MySegmenter web-component
    • User email ID utilized for the account. (It must match with the email direction of this request)
    • Stripe payment username
    • Stripe payment user email ID

  • We will cross verify the information in stripe and keygen to determine if the user is active and the information is still available

  • If information matches, then we will proceed with the decommission of that user

  • Otherwise, we will send an email to conform the details and ask for the proper information

  • The following steps will be followed by the company for deletion:

    • Stripe
      • Stop the subscription if any active
      • Delete the user which will also delete the subscription payment information
    • Keygen
      • Delete the machine associated with the user
      • Delete the licenses associated with the user
      • Delete the user
    • Our server
      • Delete the user details from our database
    • On user system
      • To eliminate all data, the user needs to delete the folder located at “C:\Users<device user>\AppData\Local\3d surgical\MySegmenter”

  • Incident Reporting

In case any suspicious activity, inability to access the application, and or potential security breaches are suspected please report this contact@mysegmenter.com.

In case any serious incident during the use of this device or as a result of the use of this device occurs, please report this to MySegmenter, and to your national authorities as required.

It is recommended that reports are performed from email address associated with the user account; the MySegmenter Technologies will never request any user passwords, or additional personal information in order to provide assistance.

Authorized personnel will reach back to contact in 1 calendar day or less.

  • Cybersecurity notifications

In case any serious cybersecurity event is detected or suspected, please report it to MySegmenter Technologies Inc. through this email: contact@mysegmenter.com.

  • Cybersecurity Precautions:

All data generated from MySegmenter will be recorded in the user device. For this reason, users are responsible to ensure the security of the device environment in order to prevent potential security exploitations. The following recommendations are suggested to the users to prevent potential cybersecurity exploitations:

  • Utilize strong passwords with at following the suggestion provided in section 9.8.

  • Do not share software credentials with unidentified users.

  • Maintain firewalls active during interaction with web-component, and during the utilization of the MySegmenter.

  • Maintain anti-virus software active and updated in the system.

  • Provide software updated with the latest updates released.

  • Users must ensure that only authorized members have access to the device where MySegmenter and data files are stored to prevent security incidents.

  • Cybersecurity warning:

    • The MySegmenter (v2.0.1) will provide automated email notifications every time credentials are modified in the user profile. It is suggested to ensure email contact@mysegmenter.com address is not marked as spam to receive appropriate notifications.
    • The MySegmenter (v2.0.1) will provide indication if user licenses are in use at the moment of access, and it will provide information of which devices are utilizing such licenses

  • Software updates:

MySegmenter Technologies Inc. might release new patches to correct detected cybersecurity vulnerabilities detected, or potential critical bugs in the desktop applications. In case any urgent patch is required, MySegmenter will contact users through email to provide indications to download out of schedule patches from the MySegmenter web component. The following process outlines the steps for updating the MySegmenter (v2.0.1) in compliance with best practices for security, functionality, and user clarity

  • Optional Uninstallation of Previous Versions: Users may uninstall the older software version before proceeding with the update to ensure optimal performance and eliminate any potential ambiguity about using the latest software version.
  • Patch Update Steps:
    • Access: Navigate to mysegmenter.com.
    • Download: Download the latest available or intended version of the MySegmenter (v2.0.1).
    • Verification:
      • Verify the MD5 checksum of the installer file using any reliable MD5 checksum checker tool.
      • Ensure that the checksum matches the value provided on the download page to confirm file integrity and authenticity.
    • Installation:
      • Install the verified software.
      • Follow all on-screen instructions during the installation process.
    • Usage: Begin using the updated software once the installation is complete.