Security

All communications between our secure data center and our clients are protected with industry standard 256-bit encryption. Sensitive information such as passwords are encrypted using a one way encryption algorithm. Passwords and other confidential informations are never stored on the client machines. All servers within our data centers are restricted to authorized personnel only. Access to servers are only allow through encrypted communication such as SSH and RDP. At the request of our clients, access to servers can be limited to specific IP addresses.

Access Control and Permissions

Access to the RiskVal system is provisioned on a per user basis. User access to the system is managed from a central server in our data center or within the enterprise system. Users are further granted access to specific features/modules based on their service entitlements.

All passwords are subjected to the following rules:

  • Each password must be 8 or more letters in length and must contain at least one capital letter, a number
  • The password cannot be a word in the dictionary
  • Passwords must be changed every 60 days
  • New password cannot be the last 5 previous passwords