SECURITY MODEL
Axxerion offers a comprehensive and multi-tiered security model based on industry standard best practices. Every user is assigned to one or more user groups. The user groups specify the default access, such as 'full', 'view' or 'none'. These permissions can be refined for individual fields, functions, objects or folders. There are various tools for the administrator to quickly view and modify access rights per module.
Physical access:
The Axxerion servers are located in a professional datacenter with physical access control. Only registered persons are allowed to enter the building after their ID has been verified. The server rooms are secured with a key card and physical key.
IP filtering:
Axxerion can limit access to the site to a certain IP pool. This can be provided on a restrictive basis, where certain IP addresses are blocked, or on a granting basis, where only certain IP addresses are allowed to connect.
Passwords:
Passwords cannot be viewed by anybody including the system administrator. Passwords must have a minimum length, should contain special characters and may not include repetitive characters. The login is automatically disabled after three failed login attempts.
SSL/HTTPS:
The communication between the web browser and the Axxerion server can be encrypted using SSL and the https protocol, with a 1024-bit encryption key. This way you can be assured that data you enter in the web browser is communicated safely to the Axxerion server.
Encryption:
Confidential information such as passwords or salaries is stored in the database using 128-bit encryption. This offers added security when somebody tries to connect directly to the database. An extra seeding algorithm ensures that equal values do not result in the same encrypted value.
Access log:
The system keeps a record of all user logins. The system administrator can see who has accessed the system and at what time. When a user has logged in to the system the last access date is displayed so that the user can be informed of any unauthorized access.
User group access:
Users can be assigned to one or more user groups that have a default access permission. User groups are structured as a hierarchy so that they can inherit access permissions from their parent group, which ensures consistency and saves time in setting up the security model.
Object type access:
A default access right can be defined for every object type. For example, users that are assigned to the user group 'external users' will never be able to see any information of the object 'employee'.
Field access:
Every object in the system has a number of data fields. Access permissions can be defined separately for each field and user group. When a field is used on several pages the access rights of that field are the same for all pages.
Object instance access:
The access permissions for an object type can be overridden at the individual object level. For example, if a user has a default 'view' access to documents the access can be set to 'none' for a particular document.
Folder access:
When objects are placed in folders, the access permission of the folder applies to all objects and folders in that folder. When the access permission of a folder is set to 'none', the folder is not visible to the user.
Function access:
Access rights can be set for every function, such as create, view or delete. When the access right is set to 'none' the button for invoking that function does not appear. Function access can also be used to set the access permissions to the modules for a particular user group.
Workflow status access:
Access permissions to fields and functions can be dependent on the status of the workflow. For example, when a document has a status 'published' it is not possible to change the name of the document or delete the document.
Application access:
Some access permissions are directly set by the application based on business logic. These access permissions ensure data integrity and cannot be set by the user. For example, when a document is checked out, the check-in button is not available to other users.
Backup DVD:
You can order a DVD with all documents and a backup of your data in XML and CSV format. This DVD can be sent every month as part of your subscription.
Backup site:
A full backup is made every night. The backup is installed on a backup site via secure FTP. You can log in to the backup environment to verify the backup. The backup site also functions as a disaster recovery site.