Blog

Ideagen Op Central system security overview

Written by Admin | Nov 6, 2022 1:00:00 PM

In light of recent cyber security breaches, we would like to give everyone a bit of an overview of Ideagen Op Central's data security. This is just a quick overview and if you'd like to know more, reach out to a member of our team at contact@opcentral.com.au and we will be happy to answer your questions.

  1. We are proudly ISO 27001:2013 (Information security management) certified. Registry can be viewed here.
  2. We are also ISO 9001:2015 (Quality Management Systems) certified, which holds us to further higher standards than simply data security. Registry can be viewed here.
  3. Penetration testing is regularly carried out, the most recent being June 2022.
  4. Data stored on Amazon’s S3 and RDS services with AES-256 encryption.
  5. All user passwords and identifying information have a key based Bcrypt hash algorithm.
  6. All input methods are validated via the API to ensure incorrect methods between ‘GET’, ‘POST’, ‘PUT’, ‘DELETE’ calls.
  7. All encryption keys are stored outside repositories and in .env files only accessible to the security officers.
  8. Daily backups are managed through Amazon AWS services which are stored off the main server on ap-south-east2 (Amazon’s Sydney) server.
  9. All server accesses are logged and alerts sent to security officers when reached outside the whitelisted firewall.
  10. And many, many more features - we have well documented and strict data safety, security and management policies and protocols which we can provide a copy of at request.

In addition to the above information, there are also many local security settings and config options that you have available in your Ideagen Op Central platform:

  1. Auto Logout - Automatically log users out of the platform after a specified period of inactivity.
  2. Forced Password Resets - Automatically force users to reset their passwords after a specific time period.
  3. 2 Factor Authentication - Require users to enter a code sent by email, in addition to their password, when they are attempting to log in.
  4. Restrict Copying Content - Disables the ability to highlight text on the screen and right clicking, therefore preventing a copy/paste. This is available in Manuals and News modules.
  5. Prevent export of content - Disables the ability to export content into PDF for printing. This is available in Manuals and News modules.
  6. Prevention of "Print" from browser - This is an automatic feature that prevents users from being able to "print" the page from their web browser.
  7. And lots more - don't forget to reach out to our team for specifics!