Is our data encrypted?
Data in transit is encrypted using TLS with Perfect Forward Secrecy (PFS). Data at rest is protected with industry-standard AES-256, which encrypts the database fields that contain sensitive information, such as Jamf Pro API credentials.
Is TLS always used?
Yes, Vision-Bot no longer supports SSL v3.0.
How are our passwords stored?
For Vision-Bot login passwords, we use bcrypt with unique, random salts and a high cost factor to deter brute-force attacks. API credentials used to connect Vision-Bot to other systems (e.g., Addigy and Jamf Pro servers) are encrypted at rest using AES-256.
What are the password requirements?
Passwords, or passphrases, must be a minimum of 12 characters. After 5 failed login attempts you will be locked out for 3 hours.
Is Two-Factor Authentication (2FA) enforced?
Yes! 2FA is on by default and cannot be disabled. Following successful authentication, Vision-Bot sends an email with a verification code. The code must be entered to access Vision-Bot. There is an option to remember a device for 30 days.
Who has access to our device data?
Ntiva has access to support our clients. Our developer has access to the production database if a particular circumstance requires it (e.g., troubleshooting) and the access has been requested and approved via our change management system. Additionally, clients control who from their team has access.
Where are Vision-Bot data centers located?
Vision-Bot relies on Linode.com to provide infrastructure as a service (IaaS) within the United States. Data at rest remains in the United States.
Does Ntiva use a secure Software Development Lifecycle (SDLC)?
Yes. We use an Agile methodology that incorporates cross-functional teams and clearly separated development, staging, and production environments.
Does Ntiva audit its security?
We follow industry best practices for security and use automated tools to check for security vulnerabilities prior to each release. We also rely on Two-Factor Authentication to ensure the security of the underlying infrastructure that is provided by Linode.com.
For additional resources...
Have questions that we didn't cover?
Please don't hesitate to reach out to us to talk about security!