Security

iCore Integration Suite provides comprehensive security both on a platform and communication level.

 

Platform security

• Role-based access control (RBAC) – Set up a custom user password policy and create user groups with specific permissions tailored to the requirements of your organization.
• Auditing – Auditing lets you log user activity in your iCore system. The feature makes it easier to follow legislation that requires that you can produce records that show who has had access to and modified data in a system.
• Proxy server – Limit the access for incoming connections. Relay traffic to the iCore system from an external network or DMZ (“demilitarized zone” / perimeter network).
• Data protection – Data protection in iCIS is provided on two levels:
  • UI protection – The values of certain entities in an iCore system, for example Node attributes, can be hidden from the user in the Administrator GUI. If an entity is protected, the value can only be viewed or modified by a user with the right authorization. Protected entities can only be exported to another iCore system if the export file is also encrypted (see below).
  • Encryption – Once Encryption has been activated on an iCore system, the values of protected entities are stored in the iCore database in encrypted form and only specified users has the rights to view and edit the protected data.

Communication security

• Support for all standard communication protocols, including HTTPs, client functionality for SFTP, REST APIs with Open ID connect and OAuth 2.0, AS2, TLS.