Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
security [2020_05_27 16:44] stevensecurity [2020_05_28 12:03] – [2 Encrypted Data in Motion] jim
Line 1: Line 1:
  
 ====== Security ====== ====== Security ======
 +== Updated on May 27, 2020 ==
  
 SME provides a SaaS and hybrid on-premises multi-cloud content management solution called the Enterprise File Fabric.  This provides unique federation, governance and data management features. This section of the Wiki outlines the security that is inherent within the SME hosted and on-premises versions of the File Fabric. SME provides a SaaS and hybrid on-premises multi-cloud content management solution called the Enterprise File Fabric.  This provides unique federation, governance and data management features. This section of the Wiki outlines the security that is inherent within the SME hosted and on-premises versions of the File Fabric.
Line 27: Line 28:
  
 [[https://www.ssllabs.com/ssltest/analyze.html?d=storagemadeeasy.com|Check out]] our online sites using [[https://www.ssllabs.com/index.html|Qualys SSL Labs site check]]. [[https://www.ssllabs.com/ssltest/analyze.html?d=storagemadeeasy.com|Check out]] our online sites using [[https://www.ssllabs.com/index.html|Qualys SSL Labs site check]].
 +
 +{{::screenshot_2020-05-28_at_13.01.52.png?600|}}
  
 ===== 3 Encryption Algorithm ===== ===== 3 Encryption Algorithm =====
Line 121: Line 124:
 We follow best practices in developing secure software, as mandated by GDPR, protecting for example against injection attacks, cross-site request forgery and session hijacking. We perform a third-party vulnerability code scan for each release. We follow best practices in developing secure software, as mandated by GDPR, protecting for example against injection attacks, cross-site request forgery and session hijacking. We perform a third-party vulnerability code scan for each release.
  
-The following cookies are used. <site> is the subdomain of your instance. +These are the formats of the cookies are used. <site> is the unqualified hostname of the web addressThe unqualified hostname of %%https://files.example.com%% is files.
- +
- * PHPSESSID - Unique ID of session. RetentionSession +
- +
- * site__just_logged_in - Start page logicRetention: 1 year +
- +
- * autologin - token for remember me featureRetention: 14 days+
  
- * site__various - Remembers settings between sessions such as what folders and panels are collapsed, and the last sort order.  Retention: 1 year+^ Cookie ^ Type ^ What for ^ Retention ^ 
 +| PHPSESSID | Functional | Unique ID of session | Session | 
 +| %%<site>__just_logged_in%% | Functional | Start page logic (0 or 1) | 1 year | 
 +| autologin | Functional | Token for remember me feature | 14 days | 
 +| %%<site>__<various>%% | Functional | Remembers settings between sessions such as what folders and panels are collapsed, and the last sort order. e.g. %%files__mainTree_openedFoldersKeys%% | 1 year |
  
 ===== 14 Cyber Essentials ===== ===== 14 Cyber Essentials =====
© Copyright 2024 Nasuni.