Considering valuable and sensitive data processing, extreme attention is paid to security in the BitSwan product and it is extremely cared for.

Security diagram

The whole system as well as its individual components are closed in a secure and isolated environment so that only authorized users are given access to data.

For the access control the authorization and authentication OAuth 2.0. protocol is used. It verifies user access to all BitSwan product components and their functions. OAuth 2.0 also enables to set a multi factor authentication – e.g. with the use of YubiKey hardware tokens.

User accounts and corresponding rights can be obtained from e.g. LDAP, RADIUS, PAM or Microsoft Active Directory. User accounts can also be defined locally. The system makes use of user roles and groups for managing user access rights to individual data objects.

The system also supports a so called multitenant architecture, where individual instances can have the possibility of one´s own configuration and administration.

Data access is ensured via unified SSO Proxy which manages both user and external system accesses. Access to data is not only administered but also logged and checked so that the administrator is sure that only authorized users have access to data.

Sensitive or personal data managed under GDPR rules can be de-identified according to one´s needs. BitSwan applies a lot of algorithms which protect data against content misuse, for the purpose of which from the cyber security expert TeskaLabs company is used.

Moreover, all the incoming and outgoing communication is encrypted by means of TLS 1.2 (SSL). Thus the system provides the highest security level as far as potential attacks or data misuse are concerned.