|
The Systems Administration and
comprehensive Security features are controlled through the User
Manager function. The Audit trails, Error and User logs and
Password properties are all configurable to meet the needs of the
organization.
Access to each individual
function and application component is set-up by the Systems
Administrator using permit or deny entries, either at User or
Group level. Search and viewing capabilities are also controlled from this
applet. Users can be restricted down the search value level (For example:
only reports that contain your account number).
Viewing, printing and use of exporting tools can also be restricted based on
cabinet, user, field, etc...
Functions such as Indexing and
the use of application setup are restricted to the
Administrator or automation tools that have administrator rights
to the system.
Data integrity and security is further enhanced by the methods that are
employed for storing and accessing data. In both the thick client
and WEB based systems, data is stored in a highly compressed
format. Direct access by client side software to the data is never
allowed in either system. Data volumes on the DataStore Host
machine do not require shares and access is limited to the local machine
user. In the event that local machine user security was breached,
the format of the data managed by DataStore is such that a proprietary
decompression and viewing application is required to view
information. Without the proprietary application only unusable
encrypted data is viewable. The information below is an
example of an attempt to view encrypted data.
When accessing the system, client
side software first requires user authentication with a name and
password. The authentication process automatically limits search
requests to cabinets assigned to the individual user or group.
Each individual or group can be limited to very specific search
criteria. For instance, and individual user or group may only be
able to search for pages that contain very specific information.
This information could be a department number or an individual social
security number. Trying to retrieve unauthorized information
causes a message to be displayed notifying the user that the data is not
available.
If a request for information is valid, special middleware software
executes the search and accesses the data. The search process
pulls only individual pages authorized by the security module for
delivery to the end user.
DataStore can be deployed on local and wide area networks including
Virtual Private Networks. Web based applications can also utilize
SSL certificates to keep all traffic encrypted.
|
