Client confidentiality is our top priority, which is why PSIberLite is equipped with the best security protocols to ensure that your data is protected at all times from unauthorised access and tampering.
PSIberLite implements multiple layers of online security through various data protection measures and authentication methods that work together to safeguard your private access details, and private payroll and HR-related information.
PSIberLite makes use of Internet Solutions (IS) Outsourced Firewall solutions, which are geared to provide low-latency, high-throughput security and to examine both inbound and outbound traffic.
PSIber Group (Pty) Ltd holds a Digital Code Signing Certificate that is used to sign all redistributables to assure the end user that we are the file’s source and that their information has not been tampered with.
To provide increased security, the client binary has been obfuscated, making reverse engineering to gain unauthorised access extremely difficult.
All communications that occur on the PSIberLite system are encrypted with TLSv1 encryption. A Self-Signed SSL Certificate (Public/Private Key pair) or a Trusted Public Certificate Authority Certificate may be used.
In addition, the PSIberLite system generates a cryptographically secure token when a Client logs in, which is presented to the server for all client requests that require authentication.
During the login procedure, an additional key is generated and transmitted to the server using asymmetric encryption. This key is used in a second layer of Advanced Encryption Standard (AES) encryption.
PSIber Group (Pty) Ltd holds an industry-standard SSL certificate which is used to secure sensitive information.
PSIberLite has a robust password management facility in place which allows clients to configure their password settings according to their security needs:
- Allows clients to customise the complexity of User Passwords (based on number of characters of a certain type and special characters)
- An account can be set to lock following a certain number of failed login attempts or after a specified period of inactivity
The system also contains a secure facility to retrieve forgotten passwords safely via email.
All passwords are stored in the database as an SHA-512 hash that is calculated using a securely generated random 512-bit salt and a random number of rounds.
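The storage scheme and lockout setting described above can be sketched as follows. This is an added example, not PSIberLite's code: the page names only SHA-512, a 512-bit salt and a random round count, so the PBKDF2-HMAC-SHA512 construction, the round bounds, the `rounds$salt$hash` record format, the lockout threshold and all function and class names are assumptions.

```python
import hashlib
import hmac
import secrets

SALT_BYTES = 64          # 512-bit salt, as stated on the page
MIN_ROUNDS = 100_000     # assumed bounds for the random round count
MAX_ROUNDS = 150_000


def _digest(password: str, salt: bytes, rounds: int) -> bytes:
    # Assumed construction: PBKDF2 with HMAC-SHA-512 as the iterated primitive.
    return hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, rounds)


def hash_password(password: str) -> str:
    salt = secrets.token_bytes(SALT_BYTES)
    rounds = MIN_ROUNDS + secrets.randbelow(MAX_ROUNDS - MIN_ROUNDS + 1)
    # Salt and round count are not secret; both are stored so the hash can be recomputed.
    return f"{rounds}${salt.hex()}${_digest(password, salt, rounds).hex()}"


def verify_password(password: str, record: str) -> bool:
    try:
        rounds_s, salt_hex, hash_hex = record.split("$")
        rounds = int(rounds_s)
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)
    except ValueError:
        return False  # malformed record
    if not MIN_ROUNDS <= rounds <= MAX_ROUNDS or len(salt) != SALT_BYTES:
        return False  # reject records whose parameters were weakened
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(_digest(password, salt, rounds), expected)


class Account:
    """Hypothetical account with the configurable failed-login lock."""

    def __init__(self, password: str, max_failures: int = 3):
        self.record = hash_password(password)
        self.max_failures = max_failures
        self.failures = 0

    def login(self, password: str) -> bool:
        if self.failures >= self.max_failures:
            return False  # locked: even the correct password is refused
        if verify_password(password, self.record):
            self.failures = 0
            return True
        self.failures += 1
        return False
```

Because the salt is random per password, two users with the same password get different records, and the bounds check in `verify_password` refuses a stored record whose round count has been lowered.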