Glassix provides various information security layers both default and optional.
The connection to this site via browser or API requires using a valid, trusted server certificate issued by Go Daddy Secure Certificate Authority - G2. The connection to this site is encrypted and authenticated using TLS 1.2 (a strong protocol), ECDHE_RSA with P-256 (a strong key exchange), and AES_128_GCM (a strong cipher).
Glassix provides it's users with various security roles and user types such as read-only, reporting, agent, manager, system administrator, API & bot - every role/type with it's limitations.
An Access Token is a short-lived credential used to authenticate your application or browser to Glassix. The appropriate role is embedded within your access-token to control your access.
Auto Idle Logoff
Logging off the users after a default idle time of 4 hours (can be configured).
Failed Login Attempts Lock
Locking users after 5 wrong password inputs for 5 minutes.
reCAPTCHA v3 for login screen.
Auto malware scan for attachments.
Glassix is reassembling inbound images to avoid codec malware injection and malicious links. Reassembling images by changing the file format allows us to drop any malicious "codec" download path that is used to inject harmful code.
Security audit logs for all critical and sensitive processes.
Directory browsing is disabled. All embedded content is provided with a unique issued token with an expiration date.
Our support team can't access your data without a time-frame limited access provided by a user within your organization with manager or system administrator role.
IP White list
IP White list to approve access for both for users login & API calls.
Set your desired password policy for your users.
Users login 2FA with an SMS message.
Data scramble via API or after ticket closure.
Glassix supports in/outbound specific file types. Allowed file types can be updated.
Glassix is reassembling PDF docs to avoid malicious links.
Updated 6 months ago