Every day we hear about how data has been compromised. This is the world we live in and it creates an increasing need for securing business and personal data. FlowWright's workflow product minimizes security concerns by requiring access only to data that it needs to make decisions - and this is done easily by pointing to data via a key. FlowWright is fundamentally focused on data security. FlowWright is based on client-server web technologies but uses many ways to ensure user information is secure.
Encryption is one-way FlowWright keeps information secure. FlowWright uses HTTP SSL (HTTPS) between the web server and the web client to ensure all communications and connections are fully encrypted. This guarantees that information such as user name and password sent through the network pipe cannot be viewed and the information itself is encrypted.
FlowWright further enables encryption between the application and database because Microsoft SQL Server supports encrypted database connections. Users themselves can further ensure FlowWright’s database is fully secured and set up user accounts to have the proper permissions.
FlowWright’s code base uses best security practices to make sure FlowWright can handle Javascript injections on the UI as well as SQL injections on the database side. We always recommend that customers keep data in their existing systems when possible, and let FlowWright pointer to your data. Automated workflow processes access your data only with permission and then can use that data to make decisions.
In a Change Notice application, for example, a Change Notice number is passed into the workflow and then the workflow may need to make a decision based on Change Notice type. Change Notice type can be figured out based on the Change Notice number, so have the process make a database call to get the type using the number.
Third-party security penetration testing has been done on FlowWright and there are currently no known critical, high, medium, or low security risks associated with FlowWright.