The EPS uses an encryption chain (as illustrated on the right of this page) which ensures that the information needed to decrypt passwords is not entirely stored in the database. The EPS also performs all encryption and decryption in memory in the application server, thus ensuring that the data does not get transferred over the network or permanently stored in an unencrypted form.

The EPS maintains an audit log of all accesses to passwords and can be configured to send email alerts whenever a password is accessed or modified. The EPS can also retain historical versions of passwords to ensure that you can still access accounts which may have been restored from old backups.

The EPS does not require any special operating system configuration and uses the database to store all information, which allows you to use your existing replication and backup procedures to operate disaster recovery sites or make backups of the passwords held by the EPS.

If you have concerns about the security measures the EPS uses, we recommend you perform an independent audit of the system to satisfy yourself of its security. We do not try to hide how the system works or what software it uses because we believe the EPS is secure, and if you decide to audit it yourself we believe you will come to the same conclusion.

 

Diagram of encryption chain

 

This web site and the contents are (c)Copyright 2006-2008 Enterprise Data Safe Ltd., All Rights Reserved.