User Tools

Site Tools


general:security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
general:security [2016/11/02 14:08] sugeneral:security [2023/08/30 18:09] (current) – [1. Log in with your Social Media (LinkedIn or Google) account] su
Line 1: Line 1:
-====== Security ======+====== App Store Security ======
  
-The App Store is a platform where users can purchase and spend credits, and perform data-access operations. Thus, security is paramount. We adhere to the highest web standards.+The App Store is a platform where users purchase and spend credits, and apps perform sensitive data operations. Therefore, security is paramount. 
 + 
 +We aim for the highest web security standards. Here's an overview of our policies.
  
  
Line 8: Line 10:
 <code>Can information you send and request be intercepted over the internet?</code> <code>Can information you send and request be intercepted over the internet?</code>
  
-Take a look at our web address.+Take a look at the address bar in your web browser.
  
 {{ :general:https.png?nolink&600 |}} {{ :general:https.png?nolink&600 |}}
  
-Note the "https" prefix and the padlock.+Note the padlock and "https" prefix in our web address.
  
 //HTTP// stands for Hyper Text Transfer Protocol, the communication protocol of the World Wide Web. //S// stands for secure. It means **all communication between you and the App Store is encrypted**. It is the same approach used in banking websites. //HTTP// stands for Hyper Text Transfer Protocol, the communication protocol of the World Wide Web. //S// stands for secure. It means **all communication between you and the App Store is encrypted**. It is the same approach used in banking websites.
  
 Encryption does not prevent message interception, but it does mean the information content is secure. Encryption does not prevent message interception, but it does mean the information content is secure.
 +
 +
 +----
  
  
Line 25: Line 30:
 Any interaction between a user and the App Store must be authenticated. If a user is not authenticated, App Store redirects to a log-in page. Any interaction between a user and the App Store must be authenticated. If a user is not authenticated, App Store redirects to a log-in page.
  
-We provide two methods for user authentication:+We provide two main methods for user authentication:
  
-==== Log in with your LinkedIn account ====+==== 1. Log in with your Social Media (Google or Microsoft) account ====
  
-Using a social media site as an authentication provider is an increasing popular method of managing log-in. It's simpler for you as you don't need to set-up and remember a dedicated log-in for the App Store.+Using a social media site as an authentication provider is an increasingly popular method of managing the log-in process. It means you don't need to set-up and remember a dedicated log-in for the App Store, and we can employ a trusted 3rd party security provider. At no point is your Google or Microsoft password divulged to us.
  
-We reviewed LinkedIn's security policy and we trust they take their responsibility for your privacy seriously.  
  
-[[https://www.linkedin.com/help/linkedin/safety|LinkedIn Safety Center]]+==== 2Log in with your work account ====
  
- +An organization can register with the App Store to allow it'employees to log in with their work accounts.
-==== Log in with your work account ==== +
- +
-An organization can register with the App Store to allow it'users to log in with their work accounts.+
  
 This is managed via Microsoft Azure Active Directory: This is managed via Microsoft Azure Active Directory:
Line 47: Line 48:
 [[https://azure.microsoft.com/en-us/documentation/articles/active-directory-whatis/|Microsoft Azure Active Directory]] [[https://azure.microsoft.com/en-us/documentation/articles/active-directory-whatis/|Microsoft Azure Active Directory]]
  
 +----
  
 ===== Application Security ===== ===== Application Security =====
Line 54: Line 56:
 The App Store is a marketplace of Industrial Applications from a variety of vendors. However, all adhere to our  The App Store is a marketplace of Industrial Applications from a variety of vendors. However, all adhere to our 
 security architecture which forces applications to request explicit user authorization.  security architecture which forces applications to request explicit user authorization. 
 +
 +When you log in to an App Store app, you'll receive an authorization prompt like the following:
  
 {{ :general:authorize.png?nolink&600 |}} {{ :general:authorize.png?nolink&600 |}}
Line 61: Line 65:
   * An app can only access datasources **//you//** authorize it to access.   * An app can only access datasources **//you//** authorize it to access.
  
 +You can revoke this authorization at any time.
  
  
general/security.1478095707.txt.gz · Last modified: 2016/11/02 14:08 by su