Security

Security is important to your organisation, otherwise you wouldn't be here.

Nedu has been designed and built to be secure. We recognise that for Nedu to be a reliable authenticator, it must remain secure. More than that, Nedu must protect the data you entrust to it. And so we implement an "onion" security model. At each layer of Nedu we place security measures; from the rooms hosting the servers, to the application functionality to Nedu's maintenance processes.

Some of these security measures are described below.

ACL based access control

Secure your data and applications using fine grained ACLs. Nedu allows you to restrict the actions of the systems and staff using Nedu, by permissioning your data.

Communication

Nedu never uses plain passwords. Web service connections are always secured by mutually authenticated SSL, whilst browser logins are either mutually authenticated SSL connections or Nedu authenticated SSL connections. Nedu's SSL environment is backed up by Gardanto's own CA infrastructure, ensuring that Nedu is not affected by the problems commonly associated with third party certificate providers.

Application construction

Nedu is thoroughly embedded with security measures. We don't simply pay attention to the big things, the small things are often what lead to compromised security. For example, we avoid web page scripting on our management screens. Whilst it is a terrific technology, it is simply too easily exploited by attackers. In our books the risk of using web page scripting is not yet justified by the functionality it can provide.

That kind of thinking is typical of the Nedu development team.

Infrastructure construction

Because Nedu is a managed service, the security of our environment is important to you. Nedu is hosted on infrastructure designed and operated by IT infrastructure and security professionals. See here for more details.

Want more information?

Please don't hesitate to contact if you require any further information.