In light of recent cyber security situations with large tech organisations, here is a high level reminder/overview of Op Central's security and data safety. Please reach out to our Success Team if you'd like to discuss needs specific to your business.
- We are proudly ISO 27001:2013 (Information security management) certified. Registry can be viewed here.
- We are also ISO 9001:2015 (Quality Management Systems) certified, which holds us to further higher standards than simply data security. Registry can be viewed here.
- Yearly penetration testing is regularly carried out by an external auditor, the most recent being June 2023.
- Data stored on Amazon’s S3 and RDS services with AES-256 encryption.
- All user passwords and identifying information have a key based Bcrypt hash algorithm.
- Advanced Captcha tests on login attempts to prevent brute force attacks.
- All input methods are validated via the API to ensure incorrect methods between ‘GET’, ‘POST’, ‘PUT’, ‘DELETE’ calls.
- All encryption keys are stored outside repositories and in .env files only accessible to the security officers.
- Daily backups are managed through Amazon AWS services which are stored off the main server on ap-south-east2 (Amazon’s Sydney) server.
- All server accesses are logged and alerts sent to security officers when reached outside the whitelisted firewall.
- And many, many more features - we have well documented and strict data safety, security and management policies and protocols which are audited externally on a regular basis.
In addition to the above information, there are also many local system security settings and config options that you have available in your Op Central platform. Overview below, or click here for a full tutorial.
- Auto Logout - Automatically log users out of the platform after a specified period of inactivity.
- Forced Password Resets - Automatically force users to reset their passwords after a specific time period.
- 2 Factor Authentication - Require users to enter a code sent by email, in addition to their password, when they are attempting to log in.
- Restrict Copying Content - Disables the ability to highlight text on the screen and right clicking, therefore preventing a copy/paste. This is available in Manuals and News modules.
- Prevent export of content - Disables the ability to export content into PDF for printing. This is available in Manuals and News modules.
- Prevention of "Print" from browser - This is an automatic feature that prevents users from being able to "print" the page from their web browser.
- And lots more - reach out to our Success Team if you'd like to discuss your current set-up.