- Maximum security standards with a system that is immediately adapted to the latest findings on new vulnerabilities
- Transport encryption with fully HTTPS-based communication
- Reliable access protection with personalized logins and multi-factor authentication
- Confidentiality, authenticity and integrity of data through a combination of encryption methods
Communication between end users and the system takes place entirely via HTTPS, the tap-proof hypertext transmission protocol. The system components also communicate on different computers, for example, when transferring user data represented as BLOBs, using HTTPS transport encryption. In addition, HTTP Strict Transport Security (HSTS) is preconfigured and can be easily activated. HSTS is an additional security mechanism for HTTPS connections to protect against both downgrade attacks and session hijacking. CONTACT Elements Security immediately adapts the parameters and options used to the latest findings on new vulnerabilities.
CONTACT Elements Security supports robust log-in procedures for user identification and authentication. Depict your central password-based user administration via the LDAP protocol. Use the Kerberos authentication service in an Active Directory environment for passwordless SSO user authentication. LDAP integration provides the necessary methods for user matching, while Kerberos provides the identity of the users.
Multi-layered defense with multi-factor authentication
In addition, CONTACT's multi-factor authentication (MFA) secures access to virtual destinations such as computers, networks, databases or location access. MFA is a multi-layered defense against Internet attacks that combines two or more proofs of identity. The user does not only need a password, but at least one other feature that proves his or her identity - e. g. via smartphone, smartcard or security token. You can also use biometric features such as fingerprints or iris patterns for authentication.
CONTACT Elements Security protects the data in motion using Transport Layer Security (TLS). More familiar is the hybrid encryption protocol for secure data transmission on the Internet under the predecessor name Secure Sockets Layer (SSL). Encryption is based on the current TLS 1.2 standard with Perfect Forward Secrecy (PFS) and an integrated encryption method called Authenticated Encryption with Associated Data (AEAD). CONTACT Elements Security uses the AE method AES in Galois/Counter Mode (AES-GCM). This combination of the encryption process with a Message Authentication Code (MAC) that provides certainty about the origin of the data ensures not only confidentiality but also the authenticity and integrity of the data.
Verify documents and complex PLM objects faster and meet regulatory requirements
Speed up circulation procedures for verification and approval processes
Meet regulatory requirements and improve validity control and process reliability
Intelligent document logistics: organizing and utilizing know-how enterprise wide
Make all important documents available on every workstation
Save valuable time when searching for documents
Protect valuable know-how
Speed up test and release processes
Comply with regulatory requirements much more easily
Role-based, comprehensive regulation of access to project and product data along their processes, thus protecting know-how
Implement key requirements for know-how protection reliably throughout the entire company
Take advantage of the possibilities offered by a particularly powerful and dynamic rights system
Ensure validity control with reliable version management while at the same time providing support for collaboration