Security
Accops HySecure offers a robust set of built-in security features and compliance measures for clients to securely connect to organizational resources. These features likely cover a wide range of standard security measures and regulatory requirements.
However, for customers who have specific compliance requirements beyond the standard features offered by Accops HySecure, there is a provision to address these on a case-by-case basis. This involves connecting with the support team to discuss and potentially implement additional compliance measures tailored to their specific needs.
System Security
- For on-premise solutions, HySecure is delivered as a part of an ISO image of a security-hardened Linux-based distribution. The hardening is based on bank-grade security standards and industry best practices.
- All passwords are maintained in an encrypted form.
- Regular and stringent vulnerability assessments and penetration testing of HySecure are done based on OWASP Top 10 standards and industry best practices.
- External third-party VA/PT reviews are conducted frequently.
- A customizable TLS 1.2/1.3 cipher configuration is set, which can be further hardened based on the organization's requirements and standards.
  Note: By default, TLS 1.3 is selected.
Audit Security
- Detailed admin logs to track changes made by the privileged users.
- Configuration of email notifications for sensitive events such as:
  - Users' First Login
  - User Login (For Critical Users)
  - User Logout
  - Account Lockout
  - Application Access
  - Access Control Expiry
  - New Device Registrations
- Built-in SIEM product, Accops Reporting Server, to provide analysis, reporting, and visualization of security anomalies.
- Integration with existing Syslog servers to dump activity/event logs.
- Security Hotfixes & Patches are released on the website, and regular notifications are sent to the customers via email.
Authentication Support
- A wide range of authentication mechanisms, including support for Active Directory, LDAP, RADIUS, and SAML.
- Mandatory certificate-based login mechanism for privileged users for added security.
Additional Support
- Ability to screen a wide range of parameters like WAN IP, Geo Location, Device Details, etc., and create access policies to allow/disallow access to resources.
- Support for customized password policies (for local native users) to be in line with the organization's internal policy.
- Provision to automatically disable dormant accounts based on pre-configured rules.
- Provides a Stale User Management feature that empowers the administrator/security officer to automatically revoke policies and registered profiles of users who have been deleted from the Active Directory/LDAP server.
- Merge users with similar access requirements to a specific user group. Ability to apply policies that affect the group instead of setting up individual policies for each user.
- Adjust key sections of the web access portal, such as logos, titles, and other identifiable information, to obscure these details.