Security Features & Tools

From the moment you login, SAM is protecting your client's sensitive information and keeps it protected while you are working. SAM provides multiple layers of security to keep an eye out for your data.

Check out advanced security modules in SAM.

	Login SAM will automatically redirect users to a secure connection if they try to access SAM using an unsecure connection. A session key is created (64 character key) at each user login. This ensures hackers cannot access the system through bypassing the login. The system references the session key on every page. Deters hacker attacks, because only way to access a page in the system is to have the session key. The session key automatically expires after an administrator defined period of inactivity and is never used again.
Click to view full screen.	Passwords & Permissions Permissions can be specified on what exactly users can view, add/edit and delete, such as a case worker can only view those families with whom they work, or a worker can only view children in a specific country, but not edit any of their data. Read more... Strong usernames and passwords: usernames must be at least 6 characters and passwords must have a capital/lowercase letter and numbers to be accepted. Passwords are stored in a one-way hashed format, which means that no one can decrypt a password. Passwords must be reset vs. retrieved.
	Encryption SSN, Driver’s License, CC information and other sensitive data is stored in an encrypted format, where only users with the decryption password can view or edit the information once it has been entered. All fields within the system encode the data that is stored. SAM prevents cross-site scripting (XSX) and SQL injection attacks. For hosted solutions, the firewall can be setup so that SAM can only be accessed by defined IP addresses.
	Audit All activity is logged including each page view and login attempts, so you can see if someone has been trying to access your system. Activity is categorized so that you can easily see when people are editing a form and trying to access forms which they don’t have permissions to. Optional Modification History module to track every single change to every field within the system, which allows you to see what user changed the field, on what date and the current and previous value. Modifications per field without leaving the entity’s form, and you can view modification history reports for an entity or for everyone. The modification history reports contain all the power of the regular reports in SAM. Read more... Auto Actions can be setup to notify administrators of suspicious activities, like excessive login attempts.
	SAM’s custom framework ensures that every field, including new ones, are handled properly to prevent SQL injection and (XSS) cross-site scripting attacks.