User Tools

Site Tools


general:security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
general:security [2016/11/02 17:48] – [Security] sugeneral:security [2023/08/30 18:09] (current) – [1. Log in with your Social Media (LinkedIn or Google) account] su
Line 1: Line 1:
-====== Security ======+====== App Store Security ======
  
 The App Store is a platform where users purchase and spend credits, and apps perform sensitive data operations. Therefore, security is paramount. The App Store is a platform where users purchase and spend credits, and apps perform sensitive data operations. Therefore, security is paramount.
Line 10: Line 10:
 <code>Can information you send and request be intercepted over the internet?</code> <code>Can information you send and request be intercepted over the internet?</code>
  
-Take a look at our web address.+Take a look at the address bar in your web browser.
  
 {{ :general:https.png?nolink&600 |}} {{ :general:https.png?nolink&600 |}}
  
-Note the "https" prefix and the padlock.+Note the padlock and "https" prefix in our web address.
  
 //HTTP// stands for Hyper Text Transfer Protocol, the communication protocol of the World Wide Web. //S// stands for secure. It means **all communication between you and the App Store is encrypted**. It is the same approach used in banking websites. //HTTP// stands for Hyper Text Transfer Protocol, the communication protocol of the World Wide Web. //S// stands for secure. It means **all communication between you and the App Store is encrypted**. It is the same approach used in banking websites.
Line 30: Line 30:
 Any interaction between a user and the App Store must be authenticated. If a user is not authenticated, App Store redirects to a log-in page. Any interaction between a user and the App Store must be authenticated. If a user is not authenticated, App Store redirects to a log-in page.
  
-We provide two methods for user authentication:+We provide two main methods for user authentication:
  
-==== Log in with your LinkedIn account ====+==== 1. Log in with your Social Media (Google or Microsoft) account ====
  
-Using a social media site as an authentication provider is an increasing popular method of managing log-in. It's simpler for you as you don't need to set-up and remember a dedicated log-in for the App Store.+Using a social media site as an authentication provider is an increasingly popular method of managing the log-in process. It means you don't need to set-up and remember a dedicated log-in for the App Store, and we can employ a trusted 3rd party security provider. At no point is your Google or Microsoft password divulged to us.
  
-We reviewed LinkedIn's security policy and we trust they take their responsibility for your privacy seriously.  
  
-[[https://www.linkedin.com/help/linkedin/safety|LinkedIn Safety Center]]+==== 2Log in with your work account ====
  
- +An organization can register with the App Store to allow it'employees to log in with their work accounts.
-==== Log in with your work account ==== +
- +
-An organization can register with the App Store to allow it'users to log in with their work accounts.+
  
 This is managed via Microsoft Azure Active Directory: This is managed via Microsoft Azure Active Directory:
Line 60: Line 56:
 The App Store is a marketplace of Industrial Applications from a variety of vendors. However, all adhere to our  The App Store is a marketplace of Industrial Applications from a variety of vendors. However, all adhere to our 
 security architecture which forces applications to request explicit user authorization.  security architecture which forces applications to request explicit user authorization. 
 +
 +When you log in to an App Store app, you'll receive an authorization prompt like the following:
  
 {{ :general:authorize.png?nolink&600 |}} {{ :general:authorize.png?nolink&600 |}}
Line 67: Line 65:
   * An app can only access datasources **//you//** authorize it to access.   * An app can only access datasources **//you//** authorize it to access.
  
 +You can revoke this authorization at any time.
  
  
general/security.1478108895.txt.gz · Last modified: 2016/11/02 17:48 by su