Information Security Layers

Glassix provides various information security layers both default or optional.

Methods

Additional Info

Default / Optional

SSL

The connection to this site via browser or API is using a valid, trusted server certificate issued by Go Daddy Secure Certificate Authority - G2. The connection to this site is encrypted and authenticated using TLS 1.2 (a strong protocol), ECDHE_RSA with P-256 (a strong key exchange), and AES_128_GCM (a strong cipher).

Default

Users Roles

​Glassix provide it's users with various security roles and user types such as read-only, reporting, agent, manager, system administrator, API & bot - every role/type with it's limitations

Default

Access Token

An Access Token is a short-lived credential used to authenticate your application or browser to Glassix. The appropriate role is embedded within your access-token to control your access.

Default

Auto Idle Logoff

Logging of the users after a default idle time of 4 hours (can be configured)

Default

Failed Login Attempts Lock

Locking users after 5 wrong password inputs for 5 minutes

Default

reCAPTCHA v3

reCAPTCHA v3 for login screen

Default

Malware scan

Auto malware scan for attachments

Default

Images Reassemble

Glassix is reassembling inbound images to avoid codec malware injection and malicious links. Reassembling images by changing the file format allows us to drop any malicious "codec" download path that is used to inject harmful code.

Default

Audit Logs

Security audit logs for all critical and sensitive processes

Default

Directory browsing

Directory browsing is disabled. All embedded content is provided with a unique issued token with an expiration date

Default

Support

Our support team can't access your data without a time-frame limited access provided by manager or system administrator roles within your organization

Default

IP White list

IP White list to approve access for both for users login & API calls

Optional

Password Policy

Set your desired password policy for your users

Optional

Login 2FA

Users login 2FA with an SMS message

Optional

Data Scramble

Data scramble via API or after ticket closure

Optional

File Types

Glassix supports in/outbound specific file types. Allowed file types can be updated.

Optional

PDF Reassemble

Glassix is reassembling PDF docs to avoid malicious links

Optional


How did we do?

Powered by HelpDocs (opens in a new tab)