Encryption of the admin tool
In our admin tool (the Content Management System) all data comes together; it’s a very important tool. The admin tool is secured with a login and password. The data sent to and from the admin tool user is encrypted via SSL. There are several roles and rights within the CMS. This separates environments. Only database administrators have access to the data.
Roles and rights
Different roles and rights in the system (admin to prospect) shield the data between the different companies. For example, it’s not possible for an administrator to view data from another company, but the root user (highest role) can view and edit all data. When a user receives an invitation to a seminar, he or she has the prospect role. After registering for a seminar, the role is adapted to client. In addition to these roles, there are roles of presenter and moderator. These are rights that are granted to a person per seminar to protect the data.
Employees of Online Seminar, when they are actively working on the system, have the role “root user” in order to to help all customers. When an employee no longer actively works on certain customer data, this employee is moved to a lower role.
Protocols
In order to provide the fullest possible coverage with Online Seminar, various protocols are supported. No other route is possible between sender and receiver; the protocols protect against manipulation. We check each address before sending data. The protocols are checked in sequence and when the user (or the company where the user is located) accepts the protocol, the connection is established.
Encryption
The entire website of Online Seminar is served under HTTPS (SSL - 2048 bits key length), this provides a 256 bit encryption. The video and audio layer is standardly served under SSL.
How do we store data?
User data
The user data stored within the system are protected by a username and password. The password per user is encrypted (hash encryption). The user can change the data at any time.
Back-up
The database is backed up to an off-site location on a daily basis.