View Count: 1043

FrontSQL eBIz suite Security
FrontSQL HAS BUILT a robust security infrastructure to manage the integrity and confidentiality of data throughout the system: from the users in your office, across the internet, to the servers and databases that store that information—whether they be at FrontSQL Datacenter or at one of FrontSQL's Application Service Provider (ASP) partners.

Read on to learn more about FrontSQL's security mechanisms:

INTERNET SECURITY
FrontSQL protects all connections to the FrontSQL Central workspace using Secure Socket Layer (SSL) protocol with 128-bit keys. This ensures that eavesdroppers cannot intercept critical information such as employees' user names and passwords. FrontSQL uses SSL, the industry standard for security browser based communications.



AUTHENTICATION
Users of the system must authenticate at FrontSQL Central with their company name, user name, and password before they can access the system. FrontSQL uses industry-leading technologies to perform this authentication. Customers can define their own password policies such as minimum length, content guidelines, and expiration times. In the future, FrontSQL will offer additional authentication mechanisms such as smart cards and biometric information.



ACCESS CONTROL
FrontSQL performs authorization checks to ensure that users of the system can view only the content and services they're entitled to see.



ACCESS TO APPLICATIONS
FrontSQL provides a single sign-on solution, whereby users authenticate only once with FrontSQL to access all of their provisioned applications. Using these tokens prevents theft of users' identities within the context of a given application, while single sign-on helps to eliminate the security leaks that result from having to maintain multiple passwords for each user.



CORE SERVICES
A sophisticated internal workflow engine controls the core FrontSQL services of provisioning, customer relationship management (CRM), and system monitoring. The authorization mechanisms of FrontSQL's application server govern this engine's activities. This J2EE-compliant application server enforces a set of policies that, for instance, prevent one customer from accessing the HR records of another customer. Additional security measures are built into the databases so that errors in application code or policy creation do not inadvertently allow one customer to access another customer's data.



ASP CONNECTIVITY
The connections between FrontSQL and its ASP partners are secured through the use of 40/128-bit SSL encryption and mutual authentication.


R4S Corp guarantees your data privacy and security, using industry standard technology.


Access Control and Authentication:
Users are required to present authentication either via user ID and password, digital certificate or other electronic verification to gain access to the system.
FrontSQL Ebiz Suite supports both principal- and role-based access control (RBAC) paradigms, allowing you to define permissions based on roles or assigning permission to individuals in your organization.
Data Security:
All communication between R4S Corp and the user's browser is encrypted using SSL.
We use a server-side digital certificate for authentication.
We use a comprehensive set of escalation rules for handling unauthorized access. We also track multiple audit trails.
R4S Corp servers reside in a 24x7x365 access-controlled facility, managed by a professional co-location firm. This facility uses industry standard security measures, including access restrictions and a halon fire system.