Deterring system and data theft is critical. Security is front and center when architecting enterprise applications. When deployed in the cloud, FlowWright chooses an ISO 27001 compliant cloud environment like MS Azure. In addition, regular penetration testing is done to verify security and integrity. From a design point of view, FlowWright is secured in several ways.
FlowWright itself has several access points, each secured using authentication systems. The access points and are:
- Application User Interface (UI)
- .Net Application Programming Interface (API)
- REST API
FlowWright's UI employs authentication systems to authenticate and authorize users: Windows authentication, basic authentication, single sign-on, SAML, or even forms authentication.
There is no authentication within the .Net API: it is a high-performance API that is deployed within controlled and secured environments. The REST API on the other hand is accessible over HTTP and uses basic authentication and is fully Oauth 2.0 compliant. The REST API can validate user information and provide authentication tokens to be used within REST API calls. These tokens have expirations but new tokens can be retrieved using a refresh token. With the use of token-based authentication, the REST API is made more secure because the tokens are only valid for a short period. The use of tokens improves REST API performance significantly, too.
REST API OAuth tokens can be used with Microservices for secure authentication, too. Basic authentication is still an option, too. OAuth tokens can be also used to authenticate within the UI.
We strive for security and performance. Security is a product mandate. Our team repeatedly tests FlowWright against vulnerabilities. FlowWright's strong security and use of regular security challenges results in major advantages over open source software options.
In addition to securing FlowWright itself, the operating environment needs to be secured, too, especially application and database servers which require a controlled environment with high security - which MS Azure, AWS, and other ISO 27001 cloud environments can provide. In addition, we recommend SSL digital certificates to secure communication between application servers and browser-based user interfaces.
FlowWright works hard to make sure your systems and data are safe: your security is our priority!
Want to hande workflow in a secure way? Let's Talk!