PocketBiz Security

Security has become one of the main concerns in computer science. PocketBiz utilizes the best and most recent security and data protection techniques, in order to ensure non-stop operation and eliminate the possibility of crucial data leaks. It is important to note that all security techniques applied are "transparent" (invisible to the end-user) and do not affect the user-friendly features of PocketBiz.

End-user security techniques (PocketBiz Client)
 The end-user can view only the business data that concern him directly and nothing more
 Ability to set access codes for both the application and the device.
 Ability to activate the device only through fingerprint recognition.

Server security techniques (PocketBiz Server)
PocketBiz Server internet access is fully protected by Firewall. Also, PocketBiz Server communication with the company network can be restricted by creating a DMZ area.

Communication Security techniques (PocketBiz Communication)
PocketBiz communication via Internet/GPRS goes through 2 completely independent levels that increase security:
 Windows Internet Information Services Authentication and
 SQL Server Authentication.
The first technique is used to grand access to the Server and the second to the database.

In detail, the security techniques that are used in each level are:
Internet Information Services
 Basic Authentication using strong password of at least 20 characters. In this case base64 encryption that is incorporated in Windows is used
 128 bit Secure Sockets layer (SSL) encryption. SSL Certificate must be provided. Considered to be the absolute security solution
SQL Server
 Strong password, at least 20 characters, for access to the SQL Server
 All data that are exchanged during the SQL Server replication are encrypted
 In case that SSL encryption is used it is applied above the inherent encryption of SQL Server that is described above. Consequently 2 data encryption levels are applied.

Finally it is very important to note the ability to completely adjust the application to the security policies that the company already uses (VPN, Restricted RAS, WEP for WiFi etc)

Securitatea PocketBiz

Securitatea a devenit una din preocuparile principale in ceea ce priveste calculatoarele. PocketBiz foloseste cele mai bune si mai recente tehnologii de securitate si protectie a datelor, pentru a asigura oprarea non-stop si pentru a elimina posibilitatea scurgerii de date cruciale. Este important de notat ca toate tehnicile de securitate aplicate sunt „transparente” (invizibile pentru utlizatorul final) si nu afecteaza trasatura prieteneasca a PocketBiz.

Tehnici de securitate utlizator final (PocketBiz Client)
 Utilizatorul final poate bedea doar datele comerciale care il intereseaza in mod direct si nimic mai mult
 Posibilitatea de setare de coduri de acces atat pentru aplicatie cat si pentru dispozitiv
 Posibilitatea de activare a dispozitivului doar prin recunoastere a amprentei

Tehnici de securitate server (PocketBiz Server)
Accesul la internet al PocketBiz Server este complet protejat de Firewall. Mai mult, comunicarea PocketBiz Server cu reteaua companiei poate fi restrictionata prin crearea unei zone DMZ.

Tehnici de securitate a comunicarii (PocketBiz Communication)
Comunicarea PocketBiz prin Internet/GPRS trece prin doua niveluri complet independente care maresc gradul de securitate:
 Identificarea Windows Internet Information Services si
 Identificarea SQL Server.
Prima este folosita pentru a permite accesul la Server si a doua la baza de date.

Detaliat, tehnicile de securitate folosite la fiecare nivel sunt :
Servicii de Informare Internet
 Autentificare de Baza folosind o parola de cel putin 20 de caractere. In acest caz, criptarea pe 64 de biti incorporata in windows este folosita.
 Encriptare pe 128 de biti de tip SSL (Secure Sockets Layer). Certificat SSL trebuie furnizat. Se crede ca este cea mai buna solutie de securitate pentru SQL Server.
SQL Server
 Parola de cel putin 20 de caractere, pentru acces la SQL Server.
 Toate datele care sunt schimbate la raspunsul serverului SQL sunt criptate.
 In cazul in care se foloseste sistemul SSL de criptare, acesta este aplicat peste criptarea automata a serverului SQL care este descrisa mai sus. In consecinta 2 straturi de ciptare sunt aplicate.

In final este foarte important de notat abilitatea de a remodela complet aplicatia conform politicilor de securitate pe care compania le foloseste (VPN, RAS restrictionat, WEP pentru WIFI etc.)