YSER

  Sign up for our Newsletter
        
  SaaS
So what is Software as a Service (SaaS)?
This is the new trend for delivering software in a cost effective manner that has begun to...
  News
Apr 21 2008
2008 NIGP Forum
We're looking forward to another great time at the Forum in North Carolina!


Home  >>  Guidance >>

Security

There are important facts to keep in mind in regards to Internet security. Amongst the most commonly encountered Internet security terms is SSL (Secure Sockets Layer). Despite the unquestioned security benefits SSL provides, it can be easy to misunderstand what those benefits are.

  • Email, even submitted over an SSL connection, is not a secure form of communication. Many organizations routinely monitor inbound and outbound emails when they pass through the organization’s servers, before the email is sent out over the secure connection. Who has access to these "snapshots" of your email?
  • Other than email, SSL is also often misunderstood as the cure-all for security concerns for all other online activities as well. SSL only offers you a degree of security while your data is travelling between computers. At either end of that "secure pipeline" your information is vulnerable. What happens to the email on the recipient’s side?
  • Even with encrypted email problems may persist. For example: Once the recipient has decrypted the email, it is a matter of moments for anyone with physical access to their computer to get their hands on that email even if their computer is password protected. What is to stop the recipient from sharing the information with others?

The ElectronicTendering System takes extra steps to protect your e-procurement data.

Digital certificates (see Digital Certificates) allow you to legally sign (see Electronic Signatures in Global and National Commerce Act) your documents to protect them from adulteration. If the document is tampered with after it is signed, the key pair will no longer match and you can be certain that it is not the original document.

In addition to the security SSL provides, the ETS uses point of origin encryption. This means that your data is encrypted on your computer before it enters the SSL. Therefore, once your information reaches the server it remains encrypted. Your data is protected before it is sent over the SSL connection, it is doubly encrypted while it passes through the SSL connection and, most importantly, it remains encrypted and secure once it reaches our server.