4 min read
Limitations of SSO and Implementing SSO (Part 2)
In my last blog, I introduced the...
Convene was designed and developed to enable your organisation to respond to today’s pressing security challenges. Equipped with advanced security features and end-to-end encryption, Convene’s multi-layered approach offers users high levels of data protection, access control, availability, and application security.
Paper documents are not secure. They can be left at printers, photocopied, or simply forgotten elsewhere - compromising the security of your meeting. However, there are security concerns about storing sensitive documents online too.
Convene is trusted by Banks, Governments, and Healthcare organisations around the world, and our security is regularly tested by customers. We encourage regular testing as we know security threats constantly evolve. So we evolve too. Working with you ensures all stay secure.
Here are just a few of Convene's Security Features and Accreditations
If you want to know more, but data-security jargon isn't your thing, check out our explainer document on understanding key security terms.
TLS 1.2 (Transport Layer Security) is the industry standard for establishing a secure channel between server & client. Without this, data would be sent over an unencrypted channel, leaving it vulnerable to hackers.
User accounts on Convene can be further secured using a one-time password. This unique one-time password can be delivered to the user’s registered mobile number or generated using an authenticator app.
Convene can also integrate with an existing identity provider (IdP) using SAML 2.0 to provide single sign-on functionalities, allowing user accounts and credentials to be managed centrally.
AES or Advanced Encryption Standard is the cipher used to encrypt our clients' documents when stored on our platform. AES-256 is the standard used by the US government for their sensitive information.
Set different levels of access and editing for an individual or a group. Set individual passwords for specific files and folders. And customise read-only and read-write permissions for every meeting participant or for a whole group.
If a device is lost/stolen, any sensitive information stored in the Convene app can be deleted remotely. Additionally, any data on a lost/stolen device is automatically deleted when password guessing is detected.
Convene allows your system administrator to track log-in attempts, downloads, uploads and what permissions were granted to who and by whom. So if there is any suspicious activity, you can start taking appropriate actions immediately.
By hosting on AWS, Convene inherits various processes in place with regards to network security. AWS Shield provides Convene with DDoS protection against the most common attacks that occur on the network and transport layer.
Convene is also protected against common attacks from within the infrastructure through the implementation of various controls including protection against ARP cache poisoning, IP spoofing etc.
Your data is always encrypted whether it is on the cloud, on your device, or somewhere in between. We encrypt data to a standard called AES256. This is the highest level of encryption available and would take the fastest supercomputer several billion years to crack
Yes. As an existing or potential Convene customer you can arrange for a penetration test of both your portal site and the application with your own security consultants. We just need 48 hours notice to inform AWS that a test is going to take place, this is part of our contract with them.
We also have our own penetration test carried out by a company of ethical hackers at least once a year. In combination with our customer tests, this means we review the results of security tests at least once a month. Your security is our priority.
You can remotely wipe documents from Convene from the system admin menu. You do not need to purchase any additional software for this to work and it does not depend upon the operating software of the device. Convene also contains offline hacking protection to prevent unauthorised access to the data - even when the device is offline.
Yes, you can. Convene supports devices with fingerprint recognition as a way of logging on to the application. You can also choose to use other forms of two factor authentication with Convene.
Convene comes with a full audit trail that is available for viewing or exporting from the system administrator console. Convene is designed to allow only those who are invited to meetings or organising meetings to see meeting documents. Even though the system administrator can see an audit trail of all of the meetings, they cannot access any of the documents.
Yes, you can. As we developed Convene we have added multiple options for password creation that were requested by our customers. We are pretty sure that we will have a combination that will match your corporate password! If not, no problem, just ask us and we will add it to the product.
We also offer ADFS connectors which allow you to log into Convene with the same user-name and password that you use to login to your Office 365 account or corporate email.
Yes, we do. Our processes have been accredited to ISO27001 SOC 2, for our cloud hosting we use Amazon Web Services (AWS). AWS has a complete range of certifications relating to country specific security including ISO27001, ISO 9001, C5, Cyber Essentials Plus, SOC 1-3, and more.
We can also set up Convene on-premise if necessary to serve your organisation's data compliance and security procedures.
Azeus Convene is also certified by the UK Government's National Cyber Security Centre. This is a Government-backed scheme that certifies that Azeus Convene's organisational data is safe against a wide range of the most common cyber attacks.
Having got through the 25th May...