SaaS Security and Compliance
1. Data Security Basics (Encryption, Access Control)
-
Encryption:
Encryption technologies are used to secure data during transmission and while at rest. -
Access Control:
Enforce strict user and administrator access controls based on defined permissions and roles.
2. Compliance (GDPR, ISO, SOC, etc.)
-
Compliance Standards:
Support for global and industry-specific standards such as GDPR, ISO, and SOC. -
Internal Audits:
Conduct regular security audits and compliance checks to ensure adherence to policies and requirements.
3. Security Audits and Log Handling
-
Log Management:
Operational logs are recorded to support analysis of unauthorized access and system failures. -
Audit Procedures:
Define and document procedures for internal and external audits, including access logs and incident records.
4. Security Features Provided by SaaSus Platform
-
Token-Based Authentication:
SaaSus Platform uses token-based authentication, issuing ID tokens, access tokens, and refresh tokens upon login. These tokens are attached to requests to verify user identity. -
User Activity Log Recording and Visibility:
SaaSus Platform records user activity—such as API executions—and provides a visual interface to review them. These logs are useful for audit trails and detecting unauthorized access. -
IP Address Restrictions:
SaaSus Platform allows you to restrict authentication requests based on source IP addresses. This helps block unauthorized login attempts from untrusted networks.