- Users can only access only the part of the system designated for operations on their user account.
- Under no circumstances can the user access data in other accounts. This is done by implementing a series of measures at the level of the application and application code.
- All access to the application is by means of an encrypted HTTPS connection. Therefore, it is not possible to “overhear” the password for access into the system.
Securing at network level
- The whole system operates in a separate network segment and contains a network firewall. The application and data layers are not publicly accessible.
- The SQL server is secured at the level of defined user rights, and access to the server is not possible from a public network.
- Within the application, only system accounts are used with restricted access to data.
Securing of virtual servers
- All application and database servers are installed as virtual servers. They are secured and are not accessible from a public network. Only services are permitted on the servers that apply to the role of the server in the network infrastructure.
- The hardware for hosting virtual infrastructure with the system is located in a secured room with camera protection in the object with physical observation 24/7. Only authorized personnel have access to the room.