Qustify including Qustify WEB 3.0 run via extremely safe internet connections. Tier 3+
The datacenters are ISO 270001 certified and comply with BORG class 4
Qustify uses authentication, authorization and auditing mechanisms to safeguard data in the database. To enhance this protection, Qustify also supports Transparent Data Encryption (TDE). With this function you can protect sensitive information in the database by encrypting them.
Transparent Dat Encryption creates a simple and easy encryption for sensitive information in the database, without users or externally coupled applications having the key. This freedom can be very important when handling things like for example setting rules. The data have been coded transparently, after which a user gets access to the data.
Journalling and Flashing
Journalling makes it possible to indicate within Qustify which mutations must be logged in a Journal list. This Journal list then shows of each mutation exactly who made which change when.
By applying Flashing it is possible to recreate a situation conform the status of Qustify at any moment inthe past, exactly on the date and time that is required.
Virtual Private Database
A virtual private database of VPD marks data in a larger database, the safe=guarding only allowing the use of private data. Can be classified according tot he needs of the company, like for different locations, departments or persons. Only they are then qualified to see and manipulate the data.
An Escrow arrangement guarantees the continuity of automatization within companies. In unexpected situations the end user is assured of the uninterripted use of companycritical software.
In agreement an Escrow contract is made up between the software supplier, the end user and Escrow Alliance.
Source codes and documentation are, after an obligatory verification, saved in protected physical areas in two different locations.
If at any moment the software supplier unexpectedly cannot fulful its obligations, Escrow Alliance takes care that the source codes of the application are made available to the beneficiary.
Role-Based access control
Questify handles the principle of Role-Based Access Control (RBAC), an easy method to control access to information systems in an effective and efficient way.
A characteristic of RBAC is that individuals are not directly authorized in Qustify, but that they only acquire rights in the form of group membership, based on their role in an organization or company process. The persmissions for objects/functions in Questify can also be grouped in roles.
Connecting the user’s role in the organization to a role in Qustify, makes it simple to determine the effective rights of a user (provisioning).
Next to the defined roles, specific characteristic can be added to roles. This makes it possible to create unique inclussions and exclusions. Like the rol of personnel management where user can’t see the salaries of employees who belong to the Directors department.
Users can log in with their username and password. By means of an authorization profile it’s possible to add strict conditions to passwords. some examples are::
Minimal length of password
Passwords can’t use dictionary words, personal names, and birth dates
Passwords can be time limited
Limits can be placed on re-use of passwords
Automatic refusal of entrance to a user who uses a wrong password a predetermined number of times
Qustify can be safeguarded even better through the use of third party protections. Qustify supports the following products:
- Kerberos and CyberSafe
- Smart cards
- RADIUS-compliant devices
Are you interested in more information about Qustify Security?
Vul het bijgaande contactformulier in of neem contact op met onze lokale vestiging +31 (0)24 – 352 9895.