Dynaspecs    Company    Demonstration    Integration    Security    Implementation    START

  How Eastman Chemical can maximize investment recovery with Dynaprice data services
 Provisions for Security
Physical, Network and Legal Security
Intrinsic Data Security
Data Access Controls
a.  Permissions and Log-ins, with Optional Encryption in Transit
Client venue administrators are given four levels of "company relationship" and five levels of "permission" within them to control the awarding of access to users. With the purchase of an SSL Certificate, passwords and User IDs may be encrypted when entered during the log-in process.
b.  Never-revealed User IDs
The user registration process may be designed to avoid transmission of explicit User IDs over the web; this is done by requiring each corporate user to register his Company Employee ID as part of the process (optionally encrypted in transit) and then notifying him to use his (unrevealed) Employee ID as his log-in User ID.
c.  Custom Registration Screenings
Corporate clients may require registered email addresses to end in a corporate suffix or otherwise program custom screening methods for new registrations. All new registrations are flagged for review by emails sent to venue administrators, and standard reports can identify all registrations and log-in activity over a specified time period for each company venue.
d.  Pseudo Intranet Linkage
Dynaprice venues may be designed to screen out all HTTP requests not arriving from an approved list of corporate network proxies. This can limit access to private internal redeployment sites to users logged into a corporate intranet -- but without Dynaprice having to know the employees' secure access codes or having access to anything behind the corporate firewall, in other words, without Dynaprice representing a security threat.