Data security in information systems is a key issue of the modern world and in particular it concerns the area of security companies. Safestar introduces global standards in data access security.
Safestar automatically controls the quality of the password, so create passwords so that the "password strength" indicator shows at least 50%. The message "Password is simple" should not appear. Pay attention to the recommendations.
Two-level login using SMS codes
Thanks to two-step authorization, Safestar will automatically send an SMS code to the user's phone number when logging in. The condition to log into the system will be to provide this code.
This option can be used in convenient cases when:
- every login
- logging in from another browser (other device),
- access from a different IP address than before.
Periodic mandatory password change option
Periodic password changes affect the security of access to data. In the account settings (account / accounts / configuration tab) you can set automatic, periodic password change for all users in your company. Take the appropriate time to inform all users in the company. After a certain period of time, the system will ask users to change their password.
Data access authorizations
Defining access to objects and groups of objects
Data security in systems is affected by access rights. In Safestar, each user can be given access to specific objects and thus to specific data related to these objects:
- address data
- personal data of contact persons
- video streams
- geographical positions
Determining access to video streams at the configuration level
When configuring (adding) a video recorder, the system administrator can choose which video streams (cameras) can be visible in the system at a given site.
Temporary data processing
Contact persons with start and end dates
When adding contact details, you can indicate the period during which the details of the persons may be visible.
Object monitoring date
When adding an object, you can indicate the period during which the object is monitored.
When adding notes, you can indicate the period of validity after which the information will not be presented.
Key account persons responsible ACCOUNT / EDITING / CONTACT DETAILS
The system has a form with contact details of key people in the company, including those responsible for personal data protection. The data entered in the form requires verification.
Personal data search engine - ACCOUNT / SEARCHING FOR PERSONAL DATA
In terms of the requirements related to personal data protection, a form has been created in the system that allows searching for specific data in four areas of the system's functioning:
- contact persons
- system users (logins)
- intervention groups, specialist, etc.
- key contact persons
In the field of ICT security, Safestar meets the following requirements.
- Encrypted data transmission (SSL)
- Encrypted passwords and other selected data
- 2 firewalls connected in a cluster
- Database Cluster
- Backup copies from an independent, second Data Center
- Independent cable entries into the building
- Independently fiber optic lines
The description provided contains elements that can be made public. For security reasons, these options are described generally and are not all the security elements that are used.
In the physical security of the infrastructure, Safestar meets the following requirements.
- UPS systems
- Fire detection system and early smoke detection system
- Gas extinguishing system
- Closed circuit television (CCTV)
- Access Control (SDK)
- Burglary and assault signaling system (SSWiN)
- Security guards monitoring the facility 24/7
- Verification of the identity of persons entering the facility
- Visits of guests in the escort of the facility's services
You can find detailed information about physical security here.
Information Security Management System
DMSI Software Sp. z o. o. which is the producer and operator of the Safestar Cloud service, has implemented an information security management system based on the ISO 27001 standard.