Versions Compared

Version Old Version 8 New Version 9
Changes made by

Former user

Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Section
Column
width400px

 

Cloud Security

Column
width400px

 

 

Application Security

Column
width240px

On This Page:

Table of Contents

...

  • Default security provider -  password salt and hashing.

  • Security provider integration with/delegation to third-parties, including SAML/SSO.

  • Access may be monitored and revoked.

  • Password reset/recovery self-service.

Authorization

Design Time

  • Forms/Flows owned by designer with all access granting authority.   Only the designer/owner may modify the form/flow design.

  • Flow administration may be granted to any other user/role to give full access to audit trail and ability to modify/abort running instances.

  • Access to a flow instance’s audit trail may be granted to all participants or a to a custom set of users/roles.

  • Only the designer/owner may deploy the form/flow to production.  Best practice is to have a deployer account on production system that owns the form/flow.

End User/Run Time

  • The designer/owner of a form/flow may designate who may use the form/flow with options for:

    • public access (anyone including anonymous users)

    • private access (the designer/owner only)

    • public in tenant (authentication users logged into tenant only)

    • Custom set of users or roles only.

  • The designer/owner of a form/flow may designate separately who may view individual submissions or may edit individual submissions.  Either of these access lists may contain specific sets of individual users or roles.  Additionally, specific access to individual submissions can be dynamically determined from the form/flow content at the time of submission in order to provide very granular access to specific submissions to specific users/roles.

Encryption

  • All data and app access encrypted via SSL/TLS (encryption in motion).

  • All data at rest is encrypted (AES 256).

  • All passwords salted and hashed.

Accountability

  • All workflow activity logged to an audit trail with access controlled by the designer/owner.

  • All system access/authentication events logged.

Integration

  • Secure integration with third-party cloud services.  Support for OAuth tokens and specification of service credentials at the tenant and service level where applicable.

...