System Security Features

Similar documents
Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

Sparta Systems TrackWise Digital Solution

Automate sharing. Empower users. Retain control. Utilizes our purposebuilt cloud, not public shared clouds

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Juniper Vendor Security Requirements

Projectplace: A Secure Project Collaboration Solution

Information Security at Veritext Protecting Your Data

SECURITY PRACTICES OVERVIEW

Integrated Cloud Environment Security White Paper

PCI DSS and the VNC SDK

Paperspace. Security Primer & Architecture Overview. Business Whitepaper. 20 Jay St. Suite 312 Brooklyn, NY 11201

Cisco Meraki Privacy and Security Practices. List of Technical and Organizational Measures

BEYOND CJIS: ENHANCED SECURITY, NOT JUST COMPLIANCE

Sparta Systems TrackWise Solution

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview

Hosts have the top level of webinar control and can grant and revoke various privileges for participants.

Unleash the Power of Secure, Real-Time Collaboration

Vendor Security Questionnaire

QuickBooks Online Security White Paper July 2017

System Overview. Security

PCI DSS and VNC Connect

Sparta Systems Stratas Solution

Security and Compliance at Mavenlink

Pulseway Security White Paper

TRACKVIA SECURITY OVERVIEW

The following security and privacy-related audits and certifications are applicable to the Lime Services:

WHITEPAPER. Security overview. podio.com

Introduction. Controlling Information Systems. Threats to Computerised Information System. Why System are Vulnerable?

Sample Security Risk Analysis ASP Meaningful Use Core Set Measure 15

DreamFactory Security Guide

W H IT E P A P E R. Salesforce Security for the IT Executive

Solution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites

ORA HIPAA Security. All Affiliate Research Policy Subject: HIPAA Security File Under: For Researchers

GateHouse Logistics. GateHouse Logistics A/S Security Statement. Document Data. Release date: 7 August Number of pages: Version: 3.

Salesforce1 Mobile Security White Paper. Revised: April 2014

Product Brief. Circles of Trust.

ADIENT VENDOR SECURITY STANDARD

FILE SYNC & SHARE SECURITY ARCHITECTURE GUIDE

RADIAN6 SECURITY, PRIVACY, AND ARCHITECTURE

AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE

A company built on security

SECURE DATA EXCHANGE

CONNX SECURITY OVERVIEW

AppPulse Point of Presence (POP)

The Lighthouse Case Management System

HIPAA Compliance Checklist

Oracle Data Cloud ( ODC ) Inbound Security Policies

epldt Web Builder Security March 2017

Pass Microsoft Exam

Data Protection. Plugging the gap. Gary Comiskey 26 February 2010

Understanding IT Audit and Risk Management

Security Overview. Technical Whitepaper. Secure by design. End to end security. N-tier Application Architecture. Data encryption. User authentication

Cloud-Based Data Security

Oracle Database 11g: Security Release 2

Inventory and Reporting Security Q&A

Security Specification

Keys to a more secure data environment

RICOH Unified Communication System. Security White Paper (Ver. 3.5) RICOH Co., Ltd.

Watson Developer Cloud Security Overview

In-Depth Guide to PaperVision Enterprise

ipad in Business Security Overview

CIS Controls Measures and Metrics for Version 7

Anchor Competitive Sheet May 2015

ISSUE N 1 MAJOR MODIFICATIONS. Version Changes Related Release No. PREVIOUS VERSIONS HISTORY. Version Date History Related Release No.

Verasys Enterprise Security and IT Guide

EXCERPT. NIST Special Publication R1. Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

Total Video Solution Cybersecurity Protection. ConteraWS Platform Cybersecurity Overview

Unit OS7: Security The Security Problem. Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze

INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.

The Common Controls Framework BY ADOBE

A practical guide to IT security

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

University of Colorado

SECURITY & PRIVACY DOCUMENTATION

PCI DSS Compliance. White Paper Parallels Remote Application Server

emarketeer Information Security Policy

Security Guide Zoom Video Communications Inc.

OPERA Version 4.0+ PABP Guide and PCI Data Security Standard Adherence

Cloud Security Whitepaper

KantanMT.com. Security & Infra-Structure Overview

HIPAA Regulatory Compliance

Crises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.

Introduction to SURE

HIPAA Security and Privacy Policies & Procedures

AN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP

Security Overview of the BGI Online Platform

WHITE PAPER. Authentication and Encryption Design

Online Services Security v2.1

VMware Horizon Workspace Security Features WHITE PAPER

Security Information & Policies

Exam : Title : Security Solutions for Systems Engineers. Version : Demo

HIPAA COMPLIANCE FOR VOYANCE

The Nasuni Security Model

SECURITY STRATEGY & POLICIES. Understanding How Swift Digital Protects Your Data

Google Cloud Platform: Customer Responsibility Matrix. December 2018

Data Processing Amendment to Google Apps Enterprise Agreement

Security White Paper. Midaxo Platform Krutarth Vasavada

Secure Embedded Video Communications

Cloud FastPath: Highly Secure Data Transfer

ArcGIS Online A Security, Privacy, and Compliance Overview. Andrea Rosso Michael Young

Transcription:

System Security Features

Overview Azeus Convene provides excellent user experience in holding meetings, as well as sharing, collaborating and accessing documents without compromising security. By using Convene, users can securely access documents, organize meetings, and conduct presentations with mobile devices in both online and offline mode. Convene is designed and developed with an emphasis on responding to the challenges of enterprises and public services that require data protection, control, availability, and application security. Built with strong encryption mechanisms throughout the system, Convene s web portal allows user administrators to centrally manage user accounts, system policies, file access rights, and monitor system user activities. At a Glance SSAE16- and ISO27001- Compliant Cloud Hosting SOC-II Compliant 2048-bit TLS AES-256 network and document encryption Multiple-factor authentication by device registration On-the-fly decryption Fine-grained access control Automatic purge for lost devices Audit trail SW0105.022017 Page 1 of 4

Infrastructure Security Hosting facilities in the US, Canada, UK (Ireland), Singapore, and Australia are SSAE16- and ISO 27001-certified. The system is SOC-II Compliant. Unaffected by Heartbleed Vulnerability (a serious bug found in the open-source OpenSSL cryptography library CVE-2014-0160). Daily automated backups ensure data integrity. Unused or obsolete backups are destroyed and replaced to prevent unauthorized data retrieval. Continuous network monitoring of any attempted network attacks. Our staff closely monitor servers in real-time to ensure optimum system performance. Convene servers undergo operating system hardening. Login is secured by strict access controls and encrypted access. Administrative access is restricted to authorized personnel only. Proxy Server Support Network & Document Encryption Wireless network transmissions between Convene and its web portal are encrypted via 2048-bit Transport Layer Security (TLS) Documents are always encrypted with AES-256 when stored in Convene s local storage and web portal Secured Decryption on Mobile Devices Convene uses a secure, on-the-fly decryption model. When the user needs to access encrypted files on storage, only the needed parts are decrypted into memory. In contrast, common encryption software decrypts the whole document and stores its decrypted form on temporary file storage, which hackers can access. In addition, Convene uses automatically-purged local storage for its temporary files. Files are never backed up to itunes and icloud. SW0105.022017 Page 2 of 4

Key Management Data is protected by three-tier key management with random document key, user key and system key In Convene, user keys are securely stored in the ios Keychain and protected by ios device-specific encryption with automatic key generation, transfer and destruction System Administrators only need to keep and manage the system key to control overall security User Authentication, Password and Login Session Log in to both Convene and its web portal with a single user account Strong password policy and password expiration period is enforced Allow only your registered devices to sign in to Convene to prevent anyone else from accessing your account with an unregistered device. Password is encrypted using AES-256 Protect meetings through the attendee list Automatically sign out users on session timeout Access Right Control Access rights can be granted to an individual user or user group Allows automatic access right inheritance from parent to subfolders and files to ensure proper access right control while minimizing administrative effort Allows individual password protection for specific files and folders Read-only and read-write permissions Role-based access permissions to files in the portal and meetings SW0105.022017 Page 3 of 4

Security for Lost Devices Authentication prevents unauthorized access to data on a lost device Multi-level encryption keys and key management reinforce key protection, which is important especially when a device gets lost Data on a lost device is automatically purged when password guessing is detected When password guessing is detected, the system automatically locks the dubious user account and wipes out offline data/cache. Audit Trail Track all login attempts Track all file uploads and downloads Track all file permissions granted to users and user groups Physical Security 24x7 physical security of hosting facilities encompasses all computer and network communication systems. Information Security Information security controls are governed by strict internal access policy involving provisioning and change control. All employees are trained on data security requirements. Security Testing Application and infrastructure penetration testing are performed regularly. SW0105.022017 Page 4 of 4

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback