We are here to help you.
In a hurry? Common questions and answers:
How does the appbox GDPR API work?
Under the “APPBOX” tab, you are able to generate an API key to use to connect your application or service. This allows developers to use ready-made features in SecureAppbox which otherwise takes a long time to develop. For example, registration and strong user authentication as well as protection of app data under data protection laws. Additionally, it’s easy to connect applications with SecureMailbox GDPR client for secure distribution of results or analysis before being forwarded to anyone with a secured security
What is two factor login?
Two factor login requires that you in addition to username and password also suply an additional code from an Authenticator App on your mobile phone. This provides an enhanced security since even if an attacker might be able to guess your password, they would not also be in physical posession of your mobile phone.
The Authenticator App produces one-time codes that are only valid for 30 seconds. Then a new code is displayed on the App.
There are several Apps on the market that can be used. The App must implement TOTP (Time-based One-Time Password) security tokens from RFC6238. One free App which is widely used is “Google Authenticator” which is available for both Androids and iPhones. For Windows phones you can for example use the “Authenticator” App.
To enable two factor login, you must first have an Authenticator App installed.
Then in your Authenticator App select to create a new entry.
Log in to your SecureMailbox account using the full version of SecureMailbox (i.e. not the mobile version which does not have all admin capabilities available.)
Open your “Account settings” and select the “ID control” tab. Here indicate that you have installed an Authenticator App.
Now you are required to authenticate this action by entering a control code sent to your mobile phone.
Then a QR code is shown in SecureMailbox with a “secret” that your Authenticator App needs. You can either scan the QR code, or manually type in the secret code.
To validate that the process has worked you complete the setup by entering a code from your Authenticator App in SecureMailbox.
Now you are almost done. Two-factor login is set up and ready. But, if you loose your phone with your Authenticator App you are permanently locked out from your account unless you have configured a backup phone, or printed some one-time recovery codes. Do so right away if you have not already!
You can read more about how to enable Google Authenticator on the Google help page.
NOTE: It is important that the clock on your phone is correct. The code generation is depending on an accurate time.
Have you done a Security Audit?
The requirements for this security audit have been assembled to address a combination of common technical issues in evaluating a cloud service. In particular concerns addressed relate to topics brought forward by personal data and patient data privacy legislation such as the EU Data Protection Regulation (officially GDPR). In addition, general requirements for security and accessibility were also added.
SecureAppbox is one of the first secure cloud service that has been awarded a Privasee SEAL for EU’s new General Data Protection Regulation (GDPR) and the ISO/IEC 29100 privacy framework. SecureAppbox was awarded the SEAL for demonstrating compliance with Privacy by Design principles and the new EU regulation, due to replace national data protection laws in all EU member states.
Does your organization or company need training in cyber security? We are experts within secure digital communication, feel free to contact us and we will set up a training course that suits your specific needs.
In addition to our regular services, we also offer customized solutions within the framework of secure digital communication. Contact our sales department today and they will help to develop a proposal that suits your needs.