Changes

Category:Security

2,290 bytes added, 14:17, 5 July 2019
no edit summary
This category contains articles related to SmartSimple security.
 
[[SmartSimple]] handles client data with the utmost integrity. Security features and functionality exist at ''all ''levels of our system - from [[Global User Administrator|administrative controls]] to encrypted servers which are securely housed in a SSAE 16  (SAS 70*) data center. 
 
The below chart is a broad overview of our security process, licenses, and features: 
 
{| class="wikitable"
|-
||'''Certifications, Memberships & Compliance'''
||
* SSAE 16 (The United States)*
* CSAE 3416 (Canada) 
* FS-ISAC (Financial Services - Information Sharing and Analysis Center)
 
|-
||'''Encryption & Protection'''
||
* SHA 256 [[Password Policy|Password]] Encryption 
* SSL (128/1024) Encryption
* Closed ports
* All outward-facing [[URL]]s are encrypted
* Encrypted severs (provides protection from "bare metal attacks") 
* DDoS shield
 
|-
||'''[[Roles and Security Settings|Role-Based Permissions]]'''
||
* The creation of [[User Role|user roles]] define levels of access - this is a central feature of the [[SmartSimple]] platform 
* This user level control ensures that information is only accessible to those who are authorized
* See Also: [[Organization hierarchy#Organization Based Security|Organization-Based Security]]
 
|-
||'''System Lockdown'''
||At the first sign of an attempted breach of security, your SmartSimple [[instance]] can be placed on lockdown. This ensures that access is limited to parties who are addressing the security concern.
|-
||'''Forensic Auditing'''
||With your permission, SmartSimple can track system usage and provide you with detailed access [[Reports|reports]]. This may help to identify any unauthorized access resulting from issues such as shared [[Password Policy|passwords]] and malicious data manipulating.
|-
||'''[[Reader Log]] and [[Track Changes|Field Change Tracking]]'''
||All field changes are tracked and auditable. 
|-
||'''[[Two-Factor Authentication]]'''
||Protect your organization and system by requiring an additional layer of user verification beyond a username and password. Two-factor authentication drastically reduces the incidence of online identity theft and fraud. 
|}
*SSAE 16 supersedes Statement on Auditing Standards (SAS) No. 70 with the professional guidance for performing a service auditor's examination. 
[[Category:Contents]]
2,299
edits