My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2025
>
01/21/2025 Regular & Special SA
>
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/27/2025 5:03:20 PM
Creation date
1/21/2025 2:16:24 PM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Information Technology
Item #
26
Date
1/21/2025
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
762
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Security and Hosting Overview <br />June 2015 <br />1.3 Application Security <br />Our application provides application -level security through a combination of encryption, <br />page -level access checking, document envelopes, and activity logging. Application <br />security is handled through a combination of programming checks, application server <br />configuration, and database server configuration. SAP Fieldglass uses 128-bit SSL (HTTPS) <br />encryption for all data transmissions over the public Internet, including data shared <br />between the product and end users and data shared between the product and back -end <br />systems. <br />Passwords are encrypted using a one-way hash with salt based on the SHA-256 encryption <br />algorithm. The hash value is saved within the database; not the password. <br />The base SAP Fieldglass application does not require data that would require breach <br />notifications if compromised. If the customer chooses to store sensitive data, custom <br />fields may be defined by the customer that can be encrypted with AES-256. These fields <br />can also be optionally masked from view while entering and viewing the fields in the <br />application. <br />1.3.1 Encryption <br />By default, the application utilizes SSL encryption for all data transmissions over the public <br />Internet. <br />In addition, the SAP Fieldglass hosted application encrypts sensitive data stored on the <br />database so that only properly authorized users (or systems) will be able to decrypt the <br />data. Because no state information is stored on the application server, in the unlikely <br />event of unauthorized access to the database, the sensitive data is still encrypted. <br />1.3.2 Database Segmentation <br />SAP Fieldglass is a SaaS and utilizes a multi -tenancy database. Each customer is assigned <br />a unique company code. Every record written to the database is keyed using this company <br />code. After a user authenticates into the system, a session ID is generated which holds <br />vital information about the user including their company code, user role, and data <br />visibility restrictions. The session ID is cached server side to eliminate any ability for a <br />malicious user to modify its contents. <br />1.3.3 Document Envelopes <br />Throughout the system, there are a number of events that generate "documents." These <br />are digital representations of their real -world counterparts. For example, job postings, <br />work orders, time sheets, and invoices are all represented in the system as documents. <br />Each document in the system has an accompanying digital envelope that stores all access <br />to that document. For example, when a job posting is created, an envelope entry is added <br />for creation that records the date, time, and person. When it is submitted, another entry <br />is added recording the date, time, and person. <br />SAP Fieldglass P a g e 8 1 21 <br />
The URL can be used to link to this page
Your browser does not support the video tag.