Overview of access management
We take cybersecurity very seriously at CoVi Analytics. This article outlines how access to the web-based application is managed by CORE (the Application or App).
Option 1: VPN
One of the main ways we limit the App’s exposure to cyber threats is to “hide” it from the public web. This means that if someone tries to access the App’s web address, they will get a “time out” message. This is achieved by limiting access to the App’s login page to web traffic from specific addresses.
A Virtual Private Network (VPN) allows us to achieve that. The App’s access is restricted to a known VPN address (IP address), and any traffic coming from that address is allowed through to the App. Think of it like a trip to Disneyland where the only people allowed into the park are the ones on a Disney-operated bus. Just like that, in order to access the App you must be on the “VPN bus”.
Here is a link to learn more about VPN Access.
Option 2: 2FA
Another way to enhance security is to use two-factor authentication (2FA). When 2FA is active, you will need something you know (a password) and something you have (a random number generator) to sign in.
This is much more secure than using a password alone to access a website, because passwords can be compromised, especially when the same password is used across multiple websites. It only takes one data leak at a non-consequential website for “Cyber Bad Actors” to get hold of your password and try it on all the other services you may use, such as web email, banking apps and social media.
Here is a link to learn more about Setting up 2FA and Logging in with 2FA.
VPN vs. 2FA
Both the VPN and 2FA can be used in tandem. This means that users have to log into a corporate VPN to access the App’s login page and use 2FA randomly generated numbers to access the App. Although this provides enhanced security, it may be overkill, since the VPN restriction is a very strong security measure in itself.
On the other hand, there may be instances where not everyone is able to access the corporate VPN when travelling or working from home. In this scenario, clients can choose to remove the VPN restriction and open access to the App to the public web (i.e. anyone with a car can enter Disneyland). 2FA is highly recommended if the VPN restriction is removed because, with 2FA in place, a compromised password on its own will not impact the App’s security.
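The VPN and 2FA combinations described above, as an added example that is not CoVi Analytics' code: a login gate that checks the source address against a VPN allowlist and, where 2FA is on, verifies a one-time code. It assumes the "random number generator" is a time-based one-time password (RFC 6238 TOTP), which this article does not state; the IP addresses, secret, and function names are constructed for illustration.

```python
import hashlib, hmac, ipaddress, struct

# Constructed sample values (documentation IP range, RFC 6238 test secret);
# these are not CoVi Analytics settings.
VPN_EGRESS = [ipaddress.ip_network("203.0.113.10/32")]
TOTP_SECRET = b"12345678901234567890"
STEP = 30  # seconds each code is valid for (assumed)

def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) code for the time step containing unix_time."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def from_vpn(source_ip: str) -> bool:
    """True when the request arrives from an allowlisted VPN egress address."""
    addr = ipaddress.ip_address(source_ip)
    return any(addr in net for net in VPN_EGRESS)

def otp_valid(code: str, now: int, drift_steps: int = 1) -> bool:
    """Accept the current step plus/minus drift_steps to tolerate clock skew."""
    ok = False
    for d in range(-drift_steps, drift_steps + 1):
        t = now + d * STEP
        if t >= 0:
            # Constant-time comparison, no early exit on a match.
            ok |= hmac.compare_digest(totp(TOTP_SECRET, t).encode(), code.encode())
    return ok

def access_decision(source_ip, password_ok, otp, now, vpn_required, twofa_required):
    """Hypothetical gate; 'drop' models the time out seen from off the VPN."""
    if vpn_required and not from_vpn(source_ip):
        return "drop"   # login page is never served
    if not password_ok:
        return "deny"
    if twofa_required and not (otp and otp_valid(otp, now)):
        return "deny"
    return "allow"

if __name__ == "__main__":
    # A leaked password used from a public address, under each configuration.
    for vpn, mfa in [(True, True), (True, False), (False, True), (False, False)]:
        print(vpn, mfa, access_decision("198.51.100.7", True, None, 59, vpn, mfa))
```

With a correct password but no one-time code, a request from a public address is allowed only when both the VPN restriction and 2FA are switched off.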
To discuss your current setup or switch the VPN on/off, please contact the support team at email@example.com