Security & Reliability
Secure Your Company Passwords and Information
- SplashID Enterprise stores passwords and other information and protects them
with powerful FIPS-approved 256-bit AES encryption plus additional layers of security (see below)
- No records are stored locally on users’ hard drives,
giving IT complete control over records
- Since SplashID makes it easy to remember passwords, employees
are better able to follow
recommended procedures for creating strong passwords.
- SplashID includes a password generator capable of creating
hard-to-guess random passwords.
SplashID Enterprise allows you to securely store company data. Data
is encrypted, protected, and locked on a central database, and only
users that have access to the system can read or edit data.
Key Security Features of SplashID Enterprise
- Blowfish and AES encryption - Your SplashID data
goes through two rounds of encryption - 256-bit AES and 256-bit
Blowfish. The password is also encrypted within the MySQL database.
SplashID Enterprise uses approved Blowfish and AES libraries for
all of its encryption and key generation. SplashID Enterprise is
also compliant with FIPS 140-1 and FIPS 140-2
- Secure communication - Client-server communication of
SplashID data occurs only when the data is in an encrypted state.
Communication is directly over TCP/IP, where IPsec provides an
additional layer of security.
- Secure MySQL database - MySQL itself encrypts the data
using the in-built MySQL encryption methods. Only the SplashID
Enterprise Admin with root access can log in to the database. If
the database is running locally or within the company network,
TCP networking can be disabled for remote access.
- User Permissions - While creating users, the SplashID
Enterprise Admin applies access control settings for each user.
The Admin assigns Group and record based permissions, and so each
employee's access depends on the permissions granted by the Admin.
- Secure Backups - SplashID Enterprise Admin can backup
the company's SplashID data to a secure password protected SplashID
vID file. Also, the entire MySQL database can be backed up, and
that backup is also encrypted.
- Timeout - SplashID will automatically lock and hide the
data after a specified period of time, so the Admin or employee
doesn't need to remember to logout of SplashID when leaving a desk.
- Strong Password Generator - Admin and users can use the
customizable Password Generator in SplashID to create passwords
that are complex and unguessable.