Project Management Menu
Security, Permissions & Controls
Security is placed front and centre. It is security by design and not an afterthought or wrap-around. Systems with security, permissions and access controls built within each module are far stronger.
Secure Login: The fact users can login securely does not equate with a secure system. Why not? Just because the user has a right to log-in, does not mean the user has the right to access all data and every part of the system. This is where permissions and access controls come into play. This also places question marks over wrap-around single sign-on products as they cannot magically provide access controls nor internal controls.
A Sample of Key Security Measures
| Risk | Activity |
|---|---|
| "Home-Cooked" Not "Ready-Made" | Adaptive offers "home-cooked" food rather than "ready-made" to focus on security, quality, control and facilitate customisation. |
| Enhanced Security & Ransomware Mitigation | Each client has their own database and unique encryption key. All sensitive and identifying data is encrypted with 256-Bit Encryption. All client data is segregated. Neither developers nor system administrators have access to client data. System administrators are instead forwarded log files. Only the CEO has write-access. The rationale: Some ransomware attacks occurred as insiders, with knowledge and access shared credentials. |
| Key-Based 2-FA | Key-Based 2-Factor Authentication (2-FA) login, uses a PIN which is never transmitted nor stored and would fail after a few incorrect attempts. The PIN is entered onto a special keypad so keyloggers (malware) could not detect the PIN. Users enter their PIN then click on a matching image - this protects against BOTs, making it close to hack-proof. |
| Permissions and RBAC: | Our default is strict Risk-Based-Access-Controls (RBAC). We recommend operating on a least-prvileged basis. Only users granted permission, have access to each module. During set-up our implementation team customise user roles and permissions to match your requirements. |
| APIs & Plugins | All APIs and Plugins are built in-house. Each rely on A-Auth (Adaptive Authorization) and numerous additional measures to block malicious intruders. |
| Server Controls | Multiple measures are employed including, but not limited to: Anti-Virus and Anti-Malware, Firewalls, DDOS-prevention tools, Backup, VPN-based IPs, BCP plans. |
| Controls | Controls are built within each module and range from access permissions, to restricting activities, through to flags and audit trails. Within Kanban-C, for example, potential malicious activity is flagged. The system also provides full audit trails. |
| Fraud Risk Mitigation | There are multiple Internal & External Fraud Risk Controls. |
| Proud to Ban Word Press From Our Servers |
For WordPress to be functional it relies on 3rd Party Plugins.
Our best guesstimate is these plugin developers care more about profit than security. To-date WordPress and its
plugins have suffered almost SEVEN THOUSAND VULNERABILITIES and this figure grows at roughly 100/month. It only takes
a single attack to bring a system down.
Here is the evidence. Or visit "cve.mitre.org", click "Search CVE List" and enter WordPress. After search for "AdaptiveERP", "AdaptivePM" or "AdaptiveDMS". Any mention of the word Adaptive relates to other well-known companies. On a daily basis "bots" scour all servers, to segment which do and do not run WordPress. They search for the WP Admin Login. This is a key concern with any OpenSource Software. Everybody knows login paths/urls. |
Request a demo or consultation