A specific configuration file is maintained for each client to control unique options and database access controls. The configuration file is protected by file privileges so that it is only write enabled for Arable System Administrators and is presented as read only to the web server application.
Browser to Web Server
All communications between the user’s web browser and the Perform web server are protected with Secure Sockets Layer protocols.
Web Server to Database
The Web Server uses information from the Configuration File to access the database with a Client unique username and password that is only known by the Arable System Administrator. The database query and write records are not normally encrypted during transmission between the web server and the database by Perform
Database at Rest
The database provider's user access controls are active when connecting through Perform or with direct SQL. Only those users with an account in the SQL database can directly query the data.
Perform stores and protects all files that have been uploaded to it. The file storage is uniquely associated with each Client Instance. The files are further protected by the calculation of a complex checksum that is created and saved in the database when the file is initially stored in Perform.
Perform is designed to conform with the requirements of 21 CFR Part 11. We follow three complementary methods to control Menu and Data access:
Provides an additional level of protection to individual documents based User and/ or Organization authorization.
Access is also controlled by function, user roll, organization or individual. Document specific controls by organization or individual allow for complete personalization for controlled access.
Preferred Hosting Provider
Arable will provide our security white paper to prospective customers upon request.
For More Information