Enabled Security Measures
The following measures are built-in as standard:
- SSL. An active SSL certificate is present on the server to ensure that communication between server and end-user is encrypted. This means that no information is transmitted in plain text between the user’s computer and the administration platform.
- ReCaptcha. The service uses a robot protection system, ReCaptcha, which requires the user to perform an action to log in. This ensures that robot scripts cannot guess their way through with multiple requests and gain access to the system. If the ReCaptcha system detects suspicious traffic, the function and login are blocked.
- BankID. There is an option for users to authenticate themselves with BankID at login.
- Encryption. All sensitive data is encrypted.
For those who desire even higher security, there are two optional additions:
- TOPT. User login can be supplemented with TOPT technology. This means that in addition to username and password, the user must also enter a one-time code at login. The function requires the user to install the Authenticator app.
- Whitelisting. Whitelisting means that the customer specifies which public IP addresses have permission to log in to the administration platform. This means that, for example, you can block all logins from all locations except your office.