Our Navvia application has been architected from the ground up to be safe and secure:
- Build on the latest versions of Microsoft IIS, Microsoft SQL and Microsoft .NET
- Use of secure sockets, port 443 with a Security certificate issued by Network Solutions
- AES-256 encryption for all data communications
- AES-256 encryption for data at rest
- Hardened images – all unused server ports are locked down
- Support for complex passwords
- Ability to restrict user access by IP address
- Support for Single Sign On (SAML 2.0)
We house the development, testing, staging and production instances of Navvia on Microsofts world-class Azure platform. Details of Microsoft’s physical security can be found here: Azure Physical Security
- Navvia conducts a semi-annual penetration test of the production system. Navvia support staff reviews results of the test and any identified issues are prioritized and remediated as quickly as possible based on the impact and urgency of the issue.
- Clients are permitted to conduct their own penetration test of the Navvia software. These tests must be scheduled with Navvia and are conducted at the client’s expense. To schedule a test please contact support @ navvia.com.