Security - Built In

Security is built into the hrMecca administration system and not "bolted on" as an after thought. It exists at the infrastructure layer (two factor authentication and database encryption for example) as well as at the application layer (menu, screen, field and organizational security as well as full data change audit trails). Integration with the popular Snort Intrusion Detection System provides an unparalleled level of protection from Internet based exploits.

[ back to Our Product ... ]

Two factor authentication is available at login. The system can be configured to require a username/password as well as a previously registered fingerprint.

Passwords configuration can be set to require a certain length and have a specified number of letters and characters. Configuration parameters also control how long a password can be used before it must be changed by the user. Password histories are kept so that passwords can not be reused. Threshold values can be set to lock the user out after a configurable number of unsuccessful login attempts.

[ back to Our Product ... ]

A fingerprint registration dialog allows a user's fingerprint to be registered with the system. Access security can control who has access to this dialog.

[ back to Our Product ... ]

At login, a message appears informing the user of any unsuccessful login attempts. It also provides a brief history of what they did during their last session. This dialog allows the user to understand if anyone has tried or been successful at compromising their credentials.

[ back to Our Product ... ]

Database encryption (AES 128 bit) exists at the column level. Screen XML congfiguration determines which fields are encrypted. Encryption keys are not stored on the server. They are entered when the application is first started up for a client family (typically, development, QA and Prod for a single client).

[ back to Our Product ... ]

Screen XML configuration allows full data auditing to be turned on at the field level. When the user clicks on the Audit Trail icon that is present in the Icon bar, the following dialog appears. Clicking on the column headings allows the user to sort the audit information by date, user, field name, description and process name. From this dialog, the user can also navigate to audit information for other screens. An Audit Trail report is also available that allows the user to report on data changes across screens, employees, users, dates, etc.

[ back to Our Product ... ]

The System allows the master application configuration file to be edited from within the system and written to the file system in an encrypted format using AES 128 bytes encryption.

[ back to Our Product ... ]

Similarly, client specific configuration files can also be edited from within the system and written in an encrypted format using AES 128 bytes encryption.

[ back to Our Product ... ]

Snort IDS Integration

The hrMecca administration platform is tightly integrated with the widely used Snort Intrusion Detection System software. Events can be reported on from within the system, resolutions can be attached to specific events and signature lookups can be run against the extensive database of IDS exploits.

[ more info ... ] [ back to Our Product ... ]

Role Based Security Model

XML configuration parameters allows role based security to be established. This allows fine grained control over who has access to what screens and fields. New/Write/Delete security provisions allow a user to view a screen but not save it and/or enter a new record and/or delete a record. Organizational security can be setup to prevent users from one location from viewing employee data from another location. The data query engine and audit trail reporting is aware of all of these security provisions.

[ back to Our Product ... ]