Security & Integrity
Security & Integrity
Administrative Tasks and Security
Datacenter and Servers
- Datacenter infrastructure has DDOS and first layer of network security
- Datacenter is ISO 27001
- All our servers are all up to date on OS layer to make sure all security patches are in place
- All our servers have firewall in place to limit ports to minimal needs
- All our servers have watch dogs like Fail2Ban, port scanner, etc.
- All our servers have active monitoring
- We run pen tests on our solution to ensure safety on the releases
Secure login and authentication
LDAP and AD (SSO-Single Sign ON):
- Users with just one password can access all the apps including LabCollector.
- SSO improves security and identity protection for your valuable research data.
- LabCollector allows you to use the LDAP (Lightweight Directory Access Protocol) and AD (Active Directory) network for users
- It works with standard LDAP protocol and only uses LDAP server and domain.
- Users and Staff LDAP/AD can be directly imported.
- SSO authentication with SAML (Security Assertion Markup Language) possible with LabCollector.
- SAML uses secure tokens which are digitally signed and encrypted messages with authentication and authorization data.
Captcha & Two-Factor Authentication
- LabCollector allows to configure Two-Factor Authentication (2FA) and Captcha function
- You can configure the type of Captcha code you want (numbers, letters, length)
- 2FA allows you to add a security level when connecting to LabCollector
- 2FA uses email (and SMS if an SMS app is integrated) to send the security code
User permissions & groups
- Users can manage their own data. However, new and edited data will be added to Waiting Data and will require validation by administrators or the super administrator.
- Staff can see all data, create common boxes but can only manage their own data.
- Staff+ can see all data, process orders, follow budgets and invoices, use the memorize items function, create common boxes but can only manage their own data.
- Admin can see all data, manage all data from all users and validate waiting data.
- Visitor can only view and search for data.
- Passwords are kept encrypted with legacy or SHA-256 or SHA-256+ modes having “strong” rules.
- Groups of users can also be defined with specific access rules on modules for even more security. Different privacy modes can be defined to isolate users.
Data backups
- LabCollector allows data back-up to secure your important data.
- You can schedule an automatic backup as and when you require.
- Downloading backed-up data is made more easier with LabCollector.
- You can schedule the database backup either daily, monthly or weekly.
- More complete backup is offered by LabCollector Server Manager which allows backup of the entire LabCollector instance in your desired folder. Read More….