Skip to main content

Security

Versions

Transport Layer Security (TLS) is used to encrypt all communication between the DMC client and server. TLS 1.2 and TLS 1.3 are currently the only supported versions of TLS. Connection attempts with TLS 1.1 or lower will be declined by the server because these versions are considered unsafe and are deprecated. TLS is specified by various RFCs of which the latest at the time of writing this documentation was RFC 8446, specifying TLS 1.3.

The full specification for TLS 1.3 RFC can be found at: tools.ietf.org/html/rfc8446

The encryption used by current JDK implementations is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384.

Data centers

The data centers that host our DMC servers are ISO 9001:2015 certified. To view the certificate, please contact your Infront key account manager.

Data encryption

There is no encryption of payload data in addition to transport layer encryption! The data it modeled as binary proprietary packed data, optimised for performance.

Logging and monitoring

DMC systems are monitored for security relevant events based on the available log files on the DMC server. In case of identified security attacks or breaches, the Infront IT Security Board is notified immediately through vulnerability management.

Safety-relevant events that are monitored:

  • Relevant security vulnerabilities in used components become known
  • Amount/Change in log volume
  • Systematic iteration over existing interfaces
  • Requests with invalid credentials
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.