SECURITY
As with any software application, but even more so in the case of a SaaS application, security considerations play a critical role in the application architecture and the management of the infrastructure.
SaaS and security
Inevitably, when an organisation's data is kept on servers that are not under its direct control, concerns regarding security and availability of the service come up.

Although this is certainly a valid concern, the bottom line is that in most cases a service provider such as ourselves can provide better security than most organisations, because we are not hampered by having to manage a complex network with disparate hardware and a multitude of different applications. We only have to protect a single application. Furthermore, because of the deep level of expertise surrounding the application and the economies of scale, we can provide a higher level of security than would be available in an on-premise scenario.
Data centre security
Our servers are hosted in high security data centres in South Africa and Ireland, operated by large, reputable hosting providers. More information about the security measures and processes implemented by these providers can be found on their websites:
Operating system security
The operating system has been configured to provide the smallest possible risk footprint and is regularly checked to ensure that it meets the standards set by the Microsoft Baseline Security Analyzer. This includes ensuring that the latest security patches have been applied, that anti-virus software is up to date and that only the required ports are open. Both a physical and a local firewall are in place to ensure that only the appropriate traffic is allowed onto the server.
Monitoring and active intrusion detection
We have continuous monitoring processes in place to detect potential security threats and to actively lock out IP addresses which exhibit suspicious behaviour (e.g. password guessing, Denial of Service).
Secure communications
PPO supports HTTPS (SSL) based access and clients may elect to enforce HTTPS-only access to their instance. All HTTPS traffic is backed by a 256-bit Thawte digital certificate.
Application security
The application has been designed from the ground up with security in mind. In addition to the logical access control mechanisms, which are described in more detail below, specific measures have been incorporated into the application to prevent web-based threats such as cross-site scripting, script injection and SQL injection attacks.

A formal security review also forms part of each release to ensure that we have not introduced any features or functionality without considering the security implications.
Authentication
Authentication of PPO users is done using a standard username and password scheme. PPO provides the ability to automatically e-mail users when they have been added to the system with a system-generated password, which they will have to change on first login. All passwords are stored in encrypted format on the server. Each instance of PPO can be separately configured to meet the client's specific requirements in terms of password policy, including expiry of passwords, re-use of old passwords, password complexity, and retry counts.
Authorisation
Authorisation of users is achieved using user groups (which determine what they can do) in combination with data filters (which determine what information they have access to). In addition, custom validation can be implemented to further restrict the ability of users to perform certain actions (see the section on custom validation later in this document).
Accountability
Detailed audit logs are maintained of each user's actions to ensure accountability and to provide traceability. These logs are also used by automated monitoring systems to provide information about current activity and usage, and to identify anomalous behaviour.
Data Privacy
As per the subscription agreement, all client data is treated as strictly confidential and will never be sold or otherwise wilfully disclosed. All backups are encrypted to protect against accidental or malicious disclosure. The logical separation of instances further mitigates the chance of accidental disclosure.
PPO Technical Fact Sheet
The technical fact sheet provides a high-level overview of the architecture of PPO including the logical and technical architecture as well as the hardware & software requirements to run PPO. The fact sheet also deals with security and availability, as well as integration and interoperability. This fact sheet has been published in Adobe Acrobat (PDF).