Information Security Layers
Overview
Glassix provides various information security layers both default and optional.
Security Layers
| Methods | Additional Info | Defailt/Optional |
|---|---|---|
| SSL | The connection to this site via browser or API requires using a valid, trusted server certificate issued by Go Daddy Secure Certificate Authority - G2. The connection to this site is encrypted and authenticated using TLS 1.2 (a strong protocol), ECDHE_RSA with P-256 (a strong key exchange), and AES_128_GCM (a strong cipher). | Default |
| Users Roles | Glassix provides it's users with various security roles and user types such as read-only, reporting, agent, manager, system administrator, API & bot - every role/type with it's limitations. | Default |
| Access Token | An Access Token is a short-lived credential used to authenticate your application or browser to Glassix. The appropriate role is embedded within your access-token to control your access. | Default |
| Auto Idle Logoff | Logging off the users after a default idle time of 4 hours (can be configured). | Default |
| Failed Login Attempts Lock | Locking users after 5 wrong password inputs for 5 minutes. | Default |
| reCAPTCHA v3 | reCAPTCHA v3 for login screen. | Default |
| Malware scan | Auto malware scan for attachments. | Default |
| Images Reassemble | Glassix is reassembling inbound images to avoid codec malware injection and malicious links. Reassembling images by changing the file format allows us to drop any malicious "codec" download path that is used to inject harmful code. | Default |
| Audit Logs | Security audit logs for all critical and sensitive processes. | Default |
| Directory browsing | Directory browsing is disabled. All embedded content is provided with a unique issued token with an expiration date. | Default |
| Support | Our support team can't access your data without a time-frame limited access provided by a user within your organization with manager or system administrator role. | Default |
| Customer Data Backups | Glassix performs regular backups of Customer Data. Customer Data is backed up both incremental and full-mode, retained redundantly across multiple availability zones, and encrypted in transit and at rest. | Default |
| IP White list | IP White list to approve access for both for users login & API calls. | Optional |
| Password Policy | Set your desired password policy for your users. | Optional |
| Login 2FA | Users login 2FA with an SMS message. | Optional |
| Data Scramble | Data scramble via API or after ticket closure. | Optional |
| File Types | Glassix supports in/outbound specific file types. Allowed file types can be updated. | Optional |
| PDF Reassemble | Glassix is reassembling PDF docs to avoid malicious links. | Optional |
Updated over 1 year ago