security | FineReport - Front Runner of BI and Report Software

International authoritative organization security certification: ISO/IEC27001 information security management system certification

ISO/IEC 27001Developed by the International Organization for Standardization, it is a global information security management system (ISMS), which is the most widely adopted standard for information security management systems in the world. The purpose of ISO 27001 is to protect the confidentiality, availability and integrity of information assets and to prevent corporate information from being misused or stolen. The current version is the 2013 version, which provides the overall concept of information technology, security technology, and information security management system.

ISO/IEC 27001The information security management system standard strictly audits 14 management areas, 35 control targets, and 114 control points. Comprehensive protection of the confidentiality, integrity and accessibility of the data.

Data Security Policy (2 controls)

Data Security Organization (7 controls)

Human Resource Security (6 controls)

Asset Management (10 controls)

Physical and environmental safety (15 controls)

Data Security Incident Management (7 controls)

System acquisition, development and maintenance (13 controls)

Access control (14 controls)

Password control (2 items control)

Operational safety (14 controls)

Communication security (7 controls)

Supplier relationship (5 controls)

Data security aspects of business continuity management (4 controls)

Compliance; internal requirements, such as policies, and external requirements, such as law (8 controls)

Product focus on creating security features: 4 major security guarantees, peace of mind

The Gartner 2019 CIO Agenda survey included 3,102 CIOs from 89 countries. The survey showed that 95% of IT executives surveyed believe that information security threats will rise, and the top two in the IT field will increase investment. BI/data analysis solutions (45%) and information security (40%).

Fansoft CEO Chen Yan said at the Fansoft User Conference that "data security is the lifeblood of customer business. It is no exaggeration for FanSoft to pay attention to data security." Fansoft is a manufacturer that provides BI/data analysis solutions for enterprises. , has always listed the data security of corporate customers as the core work. FineReport 10.0 is the focus of safety, black box-like tracking technology and a full range of accident handling mechanisms to make FineReport10.0 achieve aviation-grade security.

Application Security

Finereport 10.0 adopts the more secure RSA + sha256, and adds a series of security protection functions such as Cookie enhancement, file upload verification, security headers and access control.

Account security

Finereport 10.0 provides single sign in control, abnormal sign in reminder, access frequency control, anti brute force cracking, strong password strategy, and more detailed audit records.

Information security

Finereport 10.0 provides complete authority control, multiple authority verification methods, and unified encryption storage of password information.

Operation and maintenance safety

Finereport 10.0 provides regular system backup to ensure that the system can be recovered after being maliciously tampered; customers can also conduct security analysis, resource change tracking, compliance audit.

Copyright©2020 FanRuan Software Co., Ltd.