Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
security [2020_05_27 16:44] – steven | security [2020_05_28 12:06] – [2 Encrypted Data in Motion] jim | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Security ====== | ====== Security ====== | ||
+ | == Updated on May 27, 2020 == | ||
SME provides a SaaS and hybrid on-premises multi-cloud content management solution called the Enterprise File Fabric. | SME provides a SaaS and hybrid on-premises multi-cloud content management solution called the Enterprise File Fabric. | ||
Line 18: | Line 19: | ||
===== 2 Encrypted Data in Motion ===== | ===== 2 Encrypted Data in Motion ===== | ||
- | HTTPS is configured by default for all users of the Cloud File Server SaaS users and Appliance. | + | HTTPS is configured by default for all users of the hosted version of the File Fabric |
A commercial server that uses HTTPS must have a public key certificate issued that verifies the entity. The end-user can verify the entity by clicking on the HTTPS icon from the browser. | A commercial server that uses HTTPS must have a public key certificate issued that verifies the entity. The end-user can verify the entity by clicking on the HTTPS icon from the browser. | ||
Line 27: | Line 28: | ||
[[https:// | [[https:// | ||
+ | |||
+ | {{:: | ||
===== 3 Encryption Algorithm ===== | ===== 3 Encryption Algorithm ===== | ||
Line 121: | Line 124: | ||
We follow best practices in developing secure software, as mandated by GDPR, protecting for example against injection attacks, cross-site request forgery and session hijacking. We perform a third-party vulnerability code scan for each release. | We follow best practices in developing secure software, as mandated by GDPR, protecting for example against injection attacks, cross-site request forgery and session hijacking. We perform a third-party vulnerability code scan for each release. | ||
- | The following | + | These are the formats of the cookies are used. < |
- | + | ||
- | * PHPSESSID - Unique ID of session. Retention: Session | + | |
- | + | ||
- | * site__just_logged_in - Start page logic. Retention: 1 year | + | |
- | + | ||
- | * autologin - token for remember me feature. Retention: 14 days | + | |
- | * site__various - Remembers settings between sessions such as what folders and panels are collapsed, and the last sort order. | + | ^ Cookie ^ Type ^ What for ^ Retention ^ |
+ | | PHPSESSID | Functional | Unique ID of session | Session | | ||
+ | | %%< | ||
+ | | autologin | Functional | Token for remember me feature | 14 days | | ||
+ | | %%< | ||
===== 14 Cyber Essentials ===== | ===== 14 Cyber Essentials ===== |