A critical aspect of successfully deploying a new intranet within your organization involves the selection of secure intranet software.
If you’re planning on deploying intranet software, take a look at our key intranet security features below:
Built-In Permission Engine
It is important to choose an intranet software platform that has a built-in permission engine to effectively facilitate the assignment of granular permission rights throughout your organization. The intranet’s permission engine should allow for intranet administrators to attribute permission settings to individual employees, groups and employees with specific roles. Secure corporate intranets should contain comprehensive permission engines to support the accessibility and restriction of sensitive company information.
In addition to the built-in permission engine, an extra permission layer can be implemented through the configuration of security levels according to users’ IP ranges. This can be extremely useful for restricting highly confidential documents. It may be suitable to enable employees to solely access these important documents from their office location, rather than using a coffee shop’s connection.
Secure Intranet Password Policies
There are many elements associated with the implementation of secure intranet password policies, such as:
- Type of Password – passwords must contain upper and lower case characters as well as numerical
- Password Expiration Date – the maximum password age
- Wrong Password Attempts – specify the number of incorrect password attempts before the account is locked
- Specified Lock-Out Time – the number of minutes a user is locked out of their account
Intranet Application and User Audits
Having the option to view, record and manage intranet activity – through the Audit Logs application – provides additional security as user activity, along with application-specific actions, are completely viewable. Discover a range of information, from recently implemented administrator changes to user profile updates; the audit logging capabilities on an intranet provide a detailed overview of all intranet activity within a given time period.
In-House (Internal) Hosting
In regards to intranet deployment, organizations choose between two primary deployment options: in-house or cloud hosting. An advantage of intranet software being installed on your infrastructure is added security due to the presence of corporate firewalls.
With this deployment option, the intranet software is installed and hosted through a dedicated cloud server. Highly secure data centres often adhere to strict policies and procedures such as;
- Live video surveillance
- No public access permitted
- Biometric hand scanners to restrict access to each data centre
- Pass card systems in place
- Audited by a third-party organization
Encrypted files provide extra security as they prevent system attackers from seeing the source code. Error handlers can also be used to disallow system attackers from viewing the internal structure.
Is your Intranet Software protected from the following attacks:
- SQL injection
- CSRF attacks
- XSS -(Cross Site Scripting)
- Session hijacking
- Brute force attack
Network security can be delivered using HTTPS (SSL), or cloud servers make use of IPTables firewall technology to ensure access to the server is fully controlled.