MyPass Security

Information Protection

Estimated reading: 2 minutes 692 views

At Integralis we take security and information protection very seriously. To adhere to legislation as well as the security policies of our customers, the MyPass Cloud is built with information protection and security as standard. Some of the key highlights include:

  • The MyPass/FastPass Gateway and MyPass Cloud platform require SSL to connect to onsite credential repositories to guarantee secure communications. This requires SSL certificates with a minimum 2048-bit or 4096-bit RSA encryption key.
  • All internal system and database encryption is based on AES256, the highest available standard in the Microsoft .Net framework.
  • Sensitive data relating to end-user enrollment questions, personal data, and solution configuration data is stored in the database using AES256 encryption.
  • All sensitive data such as users’ answers and questions are AES256 encrypted by default. For security compliance at the highest level, user information can be hashed (in addition to encryption) to completely protect user data.
  • The MyPass Track Engine ensures that data between the client’s browser, the MyPass platform servers and the company credential repository, cannot be intercepted or re-posted.
  • End-user passwords can optionally be stored encrypted (AES 256) in the MyPass Cloud database. This further tightens security for password history (for example, manages the minimum number of differences allowable to any previously-used password).
Share this Doc

Information Protection

Or copy link

CONTENTS