Advanced Security and Authentication Options

Cybersecurity is more critical than ever due to the increasing number of cyber attacks from various sources. Phishing attacks trick users into revealing sensitive information, such as login credentials, while credential stuffing uses stolen passwords to gain unauthorized access. Brute force attacks exploit weak passwords by systematically trying different combinations until they succeed.

These methods are growing in sophistication and frequency, posing significant risks to both individuals and organizations. To combat these threats, deploying strong authentication techniques—such as multi-factor authentication (MFA)—is essential. MFA adds an extra layer of security by requiring multiple forms of verification, making it much harder for attackers to gain access, even if they have obtained passwords through phishing or credential stuffing.

Implementing comprehensive authentication protects sensitive information and ensures that businesses maintain security of their systems in an increasingly hostile digital environment.

Access to resources in infoRouter is controlled by a multi-layer, military-grade security system. This ensures that unauthorized users are prevented from accessing folders and documents they cannot view or modify. You can configure the system settings to require complex passwords, further strengthening the protection of sensitive information.

To secure API interactions, infoRouter requires an authentication token as part of its robust authentication process. All modules within infoRouter use a token-based authentication method, ensuring a secure authentication process for accessing system resources.

Additionally, some of our customers have implemented biometric technology such as facial scans, retina scans, voice recognition, and facial recognition to verify user identity and enhance the level of security required for access. These advanced methods add another layer of protection, making it even harder for unauthorized parties to access restricted data.

infoRouter provides a comprehensive suite of security features, from access control to role-based permissions, ensuring that only authorized users can access or modify documents. Combining these methods guarantees that your organization’s digital assets are well-protected against evolving cyber threats.

infoRouter provides a comprehensive suite of security features to safeguard your digital assets. From access control to role-based permissions, infoRouter ensures that your documents are protected and only authorized users can access or modify files. This section outlines the various security mechanisms infoRouter offers to help your organization maintain data integrity, compliance, and efficient collaboration.

To access secure resources in infoRouter, all users must have a valid account. These accounts are created by the System Administrator and stored in the security database, providing unique identification within the system. Once authenticated, users can perform actions such as checking documents in and out, participating in workflows, and being assigned tasks.

Access rights are determined based on document, folder, and Document Library security settings. Document Libraries in infoRouter are isolated areas where documents are grouped together, and access to these libraries is strictly membership-based. Only members of a specific Document Library can view, edit, or interact with the documents contained within that library. This membership-based control ensures that sensitive information is accessible only to authorized users, further strengthening security.

Library Policies in infoRouter add another layer of security by providing granular control over document access and interactions within Document Libraries. These policies allow administrators to define detailed security permissions, such as who can read, edit, delete, or share documents within the library. By setting up Library Policies, organizations can customize the security structure to fit their specific needs, ensuring that the right users have appropriate levels of access and control over critical documents.

With the flexibility offered by Library Policies, administrators can enforce stricter controls on sensitive documents while allowing broader access for general documents. This granular approach enhances both document security and organizational compliance with internal policies and external regulations.

infoRouter uses role-based and group-based security to allow or restrict access to documents:

Role-Based Security

• Administrator
• Library Managers
• Policy Managers
• User Managers
• Document Owners
• Role-Based Access Control

Group-Based Security

• Users, Global User Groups, Local User Groups (Document Library-based groups).
• Groups are assigned specific security permissions for folders and documents.
• Supports security inheritance to apply permissions consistently across documents.

Permissions for folders and documents can be set using incremental rights:

• No Access
• List
• Read
• Add
• Add & Read
• Change
• Full Control

• Conflicting rights are resolved based on C3 Security rules.
• Support for HTTPS - Secure Socket Layers (SSL).
• Secure off-site access for remote workers, customers, and partners.

---

---

Authentication is the process of verifying a user's identity before granting access to a system. An authentication system ensures that only authorized users can access sensitive data or applications. There are various forms of authentication, including password-based login, biometric verification, and multi-factor authentication. Strong authentication methods, such as requiring complex login credentials, add an extra layer of security to protect against unauthorized access. If infoRouter is being used in Windows Authentication mode, users can further enhance security by integrating smart card readers and other biometric authentication factors to add additional layers of protection to the authentication process.

User authentication is crucial for safeguarding sensitive information and maintaining system security. Password-based authentication, where users provide login credentials like a username and password, is the most common method. However, strong passwords and additional authentication measures are essential to prevent unauthorized access and data breaches. Implementing strong authentication practices helps ensure that only legitimate users can access your systems, reducing the risk of cyberattacks and other security threats.

---

infoRouter's re-authentication feature ensures that users are required to confirm their identity before carrying out critical actions. This system setting can be customized to meet the specific security needs of your organization, providing an extra layer of protection for sensitive operations. Actions that trigger re-authentication include:

• Deleting libraries
• Deleting documents or folders
• Deleting user(s)
• Changing security settings
• Changing document ownership
• Updating classification status
• Approving or rejecting decisions

Regardless of the user's role, they will be prompted to re-enter their login credentials to verify their identity before proceeding. This added security measure helps prevent unauthorized actions and ensures accountability for critical system changes.

---

infoRouter supports various authentication methods to suit your organization's needs. Authentication logging captures all login attempts and access events, providing accountability and tracking for system usage. It supports three forms of authentication:

• infoRouter Authentication - Built-in security database
• Windows Authentication
• LDAP and Active Directory
• Single Sign-On (SSO) with Windows Authentication and LDAP for streamlined access to multiple related applications without repeated sign-ins

You can easily import Active Directory users and groups into infoRouter, ensuring they remain synchronized through LDAP Synchronization. By utilizing Single Sign-On (SSO), you streamline the login process, enhancing user experience while significantly reducing the administrative burden of managing multiple credentials. For more details, learn about infoRouter LDAP Integration.