Table of contents

Product security & reliability

SAML SSO, IP Whitelisting, audit and change logs, RBAC, customer separation, and many other security features are included in Safeture to assure best-in-class protection.

SSO

Safeture supports SAML Single Sign-on (SSO), which enables administrators to control who has access to Safeture using their existing identity provider/SSO solution, such as Azure Active Directory, OneLogin, Okta, G Suite, and others.

Role-Based Access Controls

Role-based access controls governs data access within the Safeture application (RBAC). Users can be assignedd to permission levels in Safeture (end users, local admins, super admins, country admins).Password and Credential Storage

Safeture uses the PBKDF2 (Password-Based Key Derivation Function 2) function to generate password hashes and enforces a complex password standard (minimum 10 letters, at least one capital letter, at least one lower case letter, and at least one number). This only applies to clients who do not have SSO enabled. Password hashes are not stored in the Safeture database for customers that use SSO.

IP Whitelisting

Safeture can be configured to only allow access from designated IP address ranges.

Two-factor Authentication

Two-factor authentication is enabled by default and is enforced on administrators unless SSO is enabled. The 2FA-code can be provided to the Safeture Mobile App through push notifications, by e-mail and/or by SMS (default).