In light of recent cyber security breaches, we would like to give everyone a bit of an overview of Op Central's data security. This is just a quick overview and if you'd like to know more, reach out to a member of our team at firstname.lastname@example.org and we will be happy to answer your questions.
- We are proudly ISO 27001:2013 (Information security management) certified. Registry can be viewed here.
- We are also ISO 9001:2015 (Quality Management Systems) certified, which holds us to further higher standards than simply data security. Registry can be viewed here.
- Penetration testing is regularly carried out, the most recent being June 2022.
- Data stored on Amazon’s S3 and RDS services with AES-256 encryption.
- All user passwords and identifying information have a key based Bcrypt hash algorithm.
- All input methods are validated via the API to ensure incorrect methods between ‘GET’, ‘POST’, ‘PUT’, ‘DELETE’ calls.
- All encryption keys are stored outside repositories and in .env files only accessible to the security officers.
- Daily backups are managed through Amazon AWS services which are stored off the main server on ap-south-east2 (Amazon’s Sydney) server.
- All server accesses are logged and alerts sent to security officers when reached outside the whitelisted firewall.
- And many, many more features - we have well documented and strict data safety, security and management policies and protocols which we can provide a copy of at request.
In addition to the above information, there are also many local security settings and config options that you have available in your Op Central platform:
- Auto Logout - Automatically log users out of the platform after a specified period of inactivity.
- Forced Password Resets - Automatically force users to reset their passwords after a specific time period.
- 2 Factor Authentication - Require users to enter a code sent by email, in addition to their password, when they are attempting to log in.
- Restrict Copying Content - Disables the ability to highlight text on the screen and right clicking, therefore preventing a copy/paste. This is available in Manuals and News modules.
- Prevent export of content - Disables the ability to export content into PDF for printing. This is available in Manuals and News modules.
- Prevention of "Print" from browser - This is an automatic feature that prevents users from being able to "print" the page from their web browser.
- And lots more - don't forget to reach out to our team for specifics!