Web Services Security
Document #: 3125 | Product: CenterPoint
CenterPoint offers the ability to publish pay advices for selected employees to the web. This opens the question of security as the information being transmitted is sensitive in nature.
Security Overview:
- Security begins within CenterPoint. The Web Services functions are referenced within CenterPoint from several locations. Security policies control access to those areas. You, the owner, decide which employee(s) will be able to access those areas.
- A decision is made to publish pay advices for each individual employee. This “opt-in” model assumes that permission has been received from the employee.
- When an employee wishes to view their advices online, they create a Red Wing Software User account, which requires them to provide an email address and password. An irreversible cryptographic hash function is applied to the password and the result is stored securely on our identity server; the password itself is never stored anywhere within our applications or services. When the employee logs into the service, a hash is generated from the password they provide and compared against the stored hash. The email address used to register will be used to notify the employee that certain events have occurred.
- The first time the employee logs into the system, they are required to Register. This process identifies you, the Employer (Company), and the Employee, and ties them to the user account they created. This is done by asking them for a combination of information known only to you, the employer (Company and Employee Codes), and the employee themselves (last 4 digits of their SSN). The Company code is a unique 6-digit code that is automatically generated when you register your CenterPoint database with the Publish Pay Advice service. The Employee code is a unique value entered in CenterPoint as the Employee Abbreviation and can be altered by modifying the employee’s record within CenterPoint. The last 4 digits of the Employee’s SSN are taken from the Employee’s record in CenterPoint; an irreversible cryptographic hash function is applied to them and the result is stored in the service database, where it is compared to the cryptographic hash of the value entered by the user when registering.
- All communications between CenterPoint and the Publish Pay Advice services take place over the Transport Layer Security protocol using HTTPS. This protocol ensures that we can verify the server that we are talking to and that the data transported is encrypted with a 256-bit encryption key. The platform hosting Publish Pay Advices services is protected with a certificate. This type of certificate verifies that the service communicated with is controlled by the company that purchased the certificate. In this case, Red Wing Software purchased the certificate, was verified as a legitimate company, and the certificate was assigned to the IP address of our service.
- CenterPoint Publish Pay Advice API services also require that the communicating agent (CenterPoint) provide a unique token generated by our standalone identity server with each communication. This token is short-lived and can only be generated by our identity server, which requires a unique set of credentials known only to Red Wing Software to do so. This ensures that a rogue request cannot communicate with our services: even if a bad actor could somehow bypass the SSL protocol, the transmitted data would lack the necessary authentication and the request would be denied.
- Data transmitted to the service exists only within the local CenterPoint database and the database stored on the host platform (Azure). It is never serialized to physical files. This helps ensure that the data cannot be intercepted somewhere in the process. The data stored within the hosted database contains minimal information about the employee. For example, the employee’s first and last name, along with the employee abbreviation identifying the employee, are the only decipherable fields stored on the Web. No other sensitive information, such as social security number or birth date, exists in the database except as it is embedded in the pay advice. The pay advice itself is not in a human-readable form but rather stored as a stream of digital bits.
- The only methods that will retrieve the pay advice require that the subscriber, database, user and user’s password be validated. These methods are called by the Web browser application initiated by the employee, where the employee has logged in with the validated credentials. Once CenterPoint publishes pay advices, it has no means to retrieve them. No employee or other person can view the pay advices via the Web without knowing the employee’s user name and password.
- The website, services and database are housed on a secured Azure server. The database is only accessible to the service.
- Azure maintains continuous backups of the hosted data that are stored in multiple geographical locations.
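
The hash-and-compare checks described in the account-creation and registration items above can be sketched as follows. This is an added example, not Red Wing Software's code: the page does not name the hash function or say how attempts are limited, so the scrypt parameters, per-record salt, lockout threshold and the `RegistrationStore` class are all assumptions.

```python
from __future__ import annotations

import hashlib
import hmac
import os

# Assumed parameters: the page does not name the hash function or its settings.
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)
MAX_FAILURES = 5  # assumed lockout threshold, not taken from the page


def hash_secret(secret: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Return (salt, digest). Only these are stored, never the secret itself."""
    salt = salt or os.urandom(16)
    return salt, hashlib.scrypt(secret.encode("utf-8"), salt=salt, **SCRYPT)


def verify_secret(candidate: str, salt: bytes, stored: bytes) -> bool:
    """Re-hash the candidate with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_secret(candidate, salt)[1], stored)


class RegistrationStore:
    """Hypothetical service-side table keyed by (company code, employee code)."""

    def __init__(self) -> None:
        self._hashes: dict[tuple[str, str], tuple[bytes, bytes]] = {}
        self._failures: dict[tuple[str, str], int] = {}
        self._dummy = hash_secret("placeholder")  # checked when codes are unknown

    def publish_employee(self, company: str, employee: str, ssn_last4: str) -> None:
        self._hashes[(company, employee)] = hash_secret(ssn_last4)

    def register(self, company: str, employee: str, ssn_last4: str) -> bool:
        key = (company, employee)
        if self._failures.get(key, 0) >= MAX_FAILURES:
            return False  # locked: four digits allow only 10,000 possible values
        record = self._hashes.get(key)
        # Do the same hashing work whether or not the codes exist.
        ok = verify_secret(ssn_last4, *(record or self._dummy)) and record is not None
        if not ok:
            self._failures[key] = self._failures.get(key, 0) + 1
        return ok
```

The same `hash_secret` / `verify_secret` pair covers the account password check; the attempt limit matters most for the 4-digit SSN value, whose small range makes the hash alone a weak barrier.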