Security
Audim Corporate Technical Security

Security is fundamental to the Audim Monitoring System.

 

Security features were built in from the initial design rather than being added afterwards.

 

There are a number of security features, which are implemented at a number of levels:

 

The mobile device

 

The mobile system is used to gather Audit data so that it can be uploaded to the main Audim system. The PDA also has functionality that allows the management of Tasks.

 

Security features of the mobile system:

 

  • When it is first installed, the mobile system is empty. It has to communicate with the main Audim system to get permission to fully populate the device. This permission is only given by an Administrator to known users of the system. Once permission is given via synchronisation, full installation and data population is completed.
  • Once fully installed, access to the system is via Username and Password.
  • The data on the device cannot be accessed as the database is locked. If a device is stolen, the data on the device cannot be copied or used.
  • Data on the device is encrypted.

 

 
 

 

Communication between the mobile device and main Audim system (synchronisation)

 

The mobile device communicates with the main Audim system via a "web-service". This can be done via a number of methods dependent on the capabilities of the device (direct connection via ActiveSync, 3G, Wi-Fi, Bluetooth etc).

 

Security features of the Sync:

 

  • The flow of data from the device to the main Audim system is encrypted (AES 128 bit encryption).

 

 

 

 

The main Audim system

 

This is the main part of the Audim system. It is accessed via browser and has all the functionality that allows users to view and manage Audits, Tasks and Action Plans. Data can be viewed by Calendar and Reports can be generated.

 

Security features of the Audim System:

 

  • Access to the system is via Username and Password.
  • All data that flows between the browser and the system is fully encrypted (AES 128 bit encryption).
  • The SSL certificate is provided by GeoTrust http://www.geotrust.com/
  • The data in the Audim system is hosted either at the clients site (thereby subjects to the client’s own internal data security measures) or hosted by Audim. Audim hosted solutions are covered by these security and server protection measures:

 

    • Password protected database.
    • Server on which database stored is protected by multiple physical security measures.
    • UPS and generator back up power.
    • Raised floors, multiple redundant air conditioning systems.
    • Resilient network architecture.
    • Exceptional bandwidth