At OS33/Workplace, we take security very seriously. Many of our clients work with sensitive and regulated information and rely on us to keep their data secure. Our feature, Websites, is designed to let you use secure passwords and sign you in with one click once you’re inside the secure perimeter of Workplace.
- Is the Websites Feature Secure?
- Who Can Sign in to My Websites?
- Why Should I Save Accounts Using Workplace Websites?
Is the Websites Feature Secure?
When it comes to protecting your organization, we aim to beat industry standards. This is why Websites' account storage and encryption adheres to bank-level security standards and are constantly maintained to stay up-to-date. AES256 is employed for encryption in transit and rest, and the Diffie-Hellman (ECDH Curve 25519) algorithm is used for additional encryption and key generation. This protects our software against ‘man in the middle’, cross-site scripting, sniffer, and key-logging attacks to keep your team secure.
Who Can Sign in to My Websites?
Your company manager and Workplace support will be able to access your account (or 'sign in as' you) to view websites or bookmarks you saved, but they cannot reveal your password. These actions are logged and can be reviewed in the account activity section.
Why Should I Save Accounts Using Workplace Websites?
The Websites feature was designed as a solution to common practices of sharing credentials that can put your company data at risk.
Here are a few ways you should not share or keep usernames and passwords:
- Sharing via email
- This could allow anyone with access to the network, such as the ISP, between you and the recipient to read the information.
- Keep passwords in text documents or spreadsheets
- In the infamous Sony hack of 2014, hackers gained access to the firm’s network and found files with thousands of usernames and passwords.
- Keep passwords on sticky notes on the screen
- Anyone with access to your desk can compromise security.