IFS CLOUD:
Security
Comprehensive Security Solutions*
IFS Cloud’s security is designed for modularity and flexibility, allowing enterprises to tailor their security level to balance threat prevention with ease of use. IFS Cloud includes various ERP security features and controls to ensure robust protection.
Communication Security
IFS Cloud ensures external network communication is protected by TLS/SSL encryption (HTTPS). It works with standard network solutions like firewalls, proxies, and VPNs. For internet exposure, URL filtering in proxies can limit public access. DMZ, perimeter defense, and firewall strategies can also be employed to enhance ERP cyber security.
Access Security
Client requests to IFS Cloud require authentication via the OpenID Connect protocol. The role-based authorization model ensures only authorized employees can access specific functions and data.
Content Security
IFS Cloud uses standard network, OS, and database security without adding proprietary layers. It employs OpenID Connect, HTTP, and SSL/TLS technologies. A built-in log function tracks all data modifications, providing a clear audit trail.
*Source: Technical Documentation For IFS Cloud
IFS Security Solutions:
Architecture
IFS Cloud's architecture is designed with modularity and flexibility, allowing enterprises to tailor their security level to balance threat prevention with ease of use. The system encompasses robust applications security measures to safeguard data integrity and confidentiality.
External network communication is protected by TLS/SSL encryption, and standard network-level security solutions like firewalls and VPNs can be employed.
Access security is enforced through authentication using the OpenID Connect protocol and a role-based authorization model, ensuring that only authorized users can access specific functions and data, with comprehensive logging for audit trails. Comprehensive logging provides audit trails, utilizing secure ERP tools to monitor and document all access and modifications.
Config and Capabilities
IFS Cloud Security in the Config & Capabilities area ensures robust protection through various mechanisms. Each customer operates in a single-tenant environment with an independent database and software instance, providing dedicated resources. IFS Cloud employs top-tier security software to safeguard its infrastructure.
Security measures include Azure's DDoS protection, real-time anti-virus and malware protection, encryption in transit using TLS over HTTPS, and encryption at rest with 256-bit AES. Additionally, annual penetration testing by third-party security partners ensures ongoing security vigilance.
Certifications and Compliance
IFS Cloud's practices comply with legal and regulatory requirements, undergoing external reviews against international standards such as ISO 27001 for information security management systems.
The company demonstrates its commitment to security best practices through SOC reports, which assess and validate the effectiveness of security controls over time. Additionally, IFS Cloud supports GDPR compliance with features for lawful data collection, secure storage and encryption, and mechanisms for data recall, relay, maintenance, and removal, ensuring transparent and secure management of personal data.
Identity and Access Manager (IAM)
The Identity & Access Manager (IAM) in IFS Cloud is built on the OAuth 2.0 Authorization framework and incorporates the OpenID Connect Authentication layer for robust security. It includes a built-in user registry and supports delegation to external identity providers, enabling seamless integration.
Additionally, IAM supports multifactor authentication (MFA), single sign-on (SSO), and the SCIM (System for Cross-domain Identity Management) standard for efficient identity management across different domains. These features enhance the overall ERP security management framework providing ease of use.
Global Deployment Options
IFS Cloud operates a truly global delivery model through specifically selected Azure Data Center locations, ensuring wide-reaching service availability.
These MS Azure regions consist of multiple independent datacenters connected via a low-latency network, providing robust resilience. Customers benefit from primary and secondary regions to handle geo-redundant backups and disaster recovery, ensuring continuous and reliable service.
48 Essential Questions About IFS Cloud Integration Answered!
Explore the 9 key obstacles you may face, find practical solutions from industry professionals, and gain expert advice to facilitate your upgrade process.
CONTACT OUR EXPERT:
Östen Westman
IFS Expert
Looking for personalized advice? Feel free to ask Östen about how Novacura can tailor solutions to your business. Fill out the form, and we’ll get back to you shortly!