Difference between revisions of "Category:Security"

From SmartWiki
Jump to: navigation, search
Line 4: Line 4:
  
 
=Overview=
 
=Overview=
 +
[[SmartSimple]] handles client data with the utmost integrity. Security features and functionality exist at ''all ''levels of our system - from [[Global User Administrator|administrative controls]] to encrypted servers which are securely housed in a SSAE 16  (SAS 70*) data center. 
 +
 +
Within our system, our '''internal system security '''is a two-tier model:
  
[[SmartSimple]] handles client data with the utmost integrity. Security features and functionality exist at ''all ''levels of our system - from [[Global User Administrator|administrative controls]] to encrypted servers which are securely housed in a SSAE 16  (SAS 70*) data center. 
+
* [[User]] access is firstly [[Organization hierarchy|hierarchically]] and can furthermore be restricted by [[User Role|role]]; field-level security is also based on role 
 +
* [[Global User Administrator|Manager]] permissions control access to higher-level functions within {{UTA}}s 
  
The below chart is a broad overview of our security process, licenses, and features: 
+
The below chart is a broad overview of our security licenses and features: 
  
 
{| class="wikitable"
 
{| class="wikitable"
Line 22: Line 26:
 
* SHA 256 [[Password Policy|Password]] Encryption 
 
* SHA 256 [[Password Policy|Password]] Encryption 
 
* SSL (128/1024) Encryption
 
* SSL (128/1024) Encryption
* Closed ports
+
* Closed ports - otherwise, communication is using HTTP port 80 or HTTPS port 443
* All outward-facing [[URL]]s are encrypted
+
* All outward-facing [[URL]]s (external [[Signup Page|sign-ups]], [[Login Page|logins]], or other entries) are encrypted
 
* Encrypted severs (provides protection from "bare metal attacks") 
 
* Encrypted severs (provides protection from "bare metal attacks") 
 
* DDoS shield
 
* DDoS shield
Line 47: Line 51:
 
||Protect your organization and system by requiring an additional layer of user verification beyond a username and password. Two-factor authentication drastically reduces the incidence of online identity theft and fraud. 
 
||Protect your organization and system by requiring an additional layer of user verification beyond a username and password. Two-factor authentication drastically reduces the incidence of online identity theft and fraud. 
 
|}
 
|}
* SSAE 16 supersedes Statement on Auditing Standards (SAS) No. 70 with the professional guidance for performing a service auditor's examination. 
+
*SSAE 16 supersedes Statement on Auditing Standards (SAS) No. 70 with the professional guidance for performing a service auditor's examination. 
 +
 
  
 
[[Category:Contents]]
 
[[Category:Contents]]

Revision as of 09:22, 5 July 2019

This page is meant to organize categories, please see the below listings to navigate the sub-categories and articles. 

 This category contains articles related to SmartSimple security.

Overview

SmartSimple handles client data with the utmost integrity. Security features and functionality exist at all levels of our system - from administrative controls to encrypted servers which are securely housed in a SSAE 16  (SAS 70*) data center. 

Within our system, our internal system security is a two-tier model:

  • User access is firstly hierarchically and can furthermore be restricted by role; field-level security is also based on role 
  • Manager permissions control access to higher-level functions within s 

The below chart is a broad overview of our security licenses and features: 

Certifications, Memberships & Compliance
  • SSAE 16 (The United States)*
  • CSAE 3416 (Canada) 
  • FS-ISAC (Financial Services - Information Sharing and Analysis Center)
Encryption & Protection
  • SHA 256 Password Encryption 
  • SSL (128/1024) Encryption
  • Closed ports - otherwise, communication is using HTTP port 80 or HTTPS port 443
  • All outward-facing URLs (external sign-ups, logins, or other entries) are encrypted
  • Encrypted severs (provides protection from "bare metal attacks") 
  • DDoS shield
Role-Based Permissions
  • The creation of user roles define levels of access - this is a central feature of the SmartSimple platform 
  • This user level control ensures that information is only accessible to those who are authorized
  • See Also: Organization-Based Security
System Lockdown At the first sign of an attempted breach of security, your SmartSimple instance can be placed on lockdown. This ensures that access is limited to parties who are addressing the security concern.
Forensic Auditing With your permission, SmartSimple can track system usage and provide you with detailed access reports. This may help to identify any unauthorized access resulting from issues such as shared passwords and malicious data manipulating.
Reader Log and Field Change Tracking All field changes are tracked and auditable. 
Two-Factor Authentication Protect your organization and system by requiring an additional layer of user verification beyond a username and password. Two-factor authentication drastically reduces the incidence of online identity theft and fraud. 
  • SSAE 16 supersedes Statement on Auditing Standards (SAS) No. 70 with the professional guidance for performing a service auditor's examination. 

Subcategories

This category has the following 3 subcategories, out of 3 total.

A

S

Pages in category ‘Security’

The following 62 pages are in this category, out of 62 total.

A

B

C

D

E

F

G

I

L

M

O

P

R

S

T

U

Retrieved from ‘https://wiki.smartsimple.com/index.php?title=Category:Security&oldid=36374