Security
Audim Corporate Technical Security

Security is fundamental to the Audim Monitoring System.

 

Security features were built in from the initial design rather than being added afterwards.

 

There are a number of security features, which are implemented at a number of levels:

 

The PDA

 

The PDA system is used to gather Audit data so that it can be uploaded to the main Audim system. The PDA also has functionality that allows the management of Tasks.

 

Security features of the PDA system:

 

  • When it is first installed, the PDA system is empty. It has to communicate with the main Audim system to get permission to fully populate the PDA. This permission is only given by an Administrator to known users of the system. Once permission is given via synchronisation, full installation and data population is completed.
  • Once fully installed, access to the system is via Username and Password.
  • The data on the PDA cannot be accessed as the database is locked. If a PDA is stolen, the data on the PDA cannot be copied or used.
  • Data on the PDA is encrypted.

 

 		 

 

Communication between the PDA and main Audim system (synchronisation)

 

The PDA communicates with the main Audim system via a "web-service". This can be done via a number of methods dependent on the capabilities of the PDA device (direct connection via ActiveSync, 3G, Wi-Fi, Bluetooth etc).

 

Security features of the PDA Sync:

 

  • The flow of data from the PDA to the main Audim system is encrypted (AES 128 bit encryption).

 

 

 

 

The main Audim system

 

This is the main part of the Audim system. It is accessed via browser and has all the functionality that allows users to view and manage Audits, Tasks and Action Plans. Data can be viewed by Calendar and Reports can be generated.

 

Security features of the Audim System:

 

  • Access to the system is via Username and Password.
  • All data that flows between the browser and the system is fully encrypted (AES 128 bit encryption).
  • The SSL certificate is provided by GeoTrust http://www.geotrust.com/
  • The data in the Audim system is hosted either at the clients site (thereby subjects to the client’s own internal data security measures) or hosted by Audim. Audim hosted solutions are covered by these security and server protection measures:

 

    • Password protected database.
    • Server on which database stored is protected by multiple physical security measures.
    • UPS and generator back up power.
    • Raised floors, multiple redundant air conditioning systems.
    • Resilient network architecture.
    • Exceptional bandwidth