A Billing Platform processes and stores sensitive data. Service providers Businesses expect that the data is treated in a secure manner with applicable levels of governance. Security is a critical and important component of the LogiSense offering. LogiSense provides a layered approach to security starting with strong password and account management. The LogiSense Billing portal can only be accessed via the secure HTTPS based protocol. Strict role based policies ensure that only authorized users can access sensitive customer data and logs. In addition to this, applicable governance and privacy regulatory requirements such as GDPR are met.
...
LogiSense uses a layered approach for Security by combining various methodologies to achieve the highest level of security without unduly impacting the user experience.
...
Layer | Description |
---|---|
Password MangementManagement | This encompasses the creation and enforcing of strong passwords, failed logon limits, password history, and account lockouts. |
Role Based Permissions | Restricting access to Admin Portal by using the IIS IP restrictions. Granular permissions can be configured through the admin portal which indicate which define applicable access control rights for login users |
LogiSense Database ServerAuthentication of User Traffic | Encrypt (via SSL) and authenticate user traffic between the client browser and the IIS web server hosting the Admin Portal. Prevent username and passwords from being sent in plain text across the internet. |
Firewall Protection | Safely and securely host the admin portal behind a corporate Firewall. Require all users LogiSense system administration staff to VPN and authenticate with the network prior to accessing any parts of the portalinfrastructure. |
Hosting Security
LogiSense provides two deployment models: on premise and private cloud. The on premise deployment is suited for customers who wish to host on their own infrastructure with their own security policies. The private cloud solution is hosted on the Amazon Web Services (AWS) hosting environment. The LogiSense hosting environment is SSAE16 and ISO/IEC 27001 compliant and offers extensive protection of data, guards against service interruptions.
...
Encryption is performed where necessary in the platform to ensure that sensitive information is protected. One example is database password and non-tokenized payment information. Multiple options are provided for password security in the Admin Portal. Password parameters such as minimum password length and rules can be configured on a per role basis. Mechanisms are provided via the admin portal to reset passwords where necessary: for example, if a password times out of expires.
...