Is DFdiscover secure?

Is DFdiscover secure?
August 26, 2020 Eric Bosch

Absolutely, DFdiscover has been designed with security as a key requirement.

  1. All access to DFdiscover is restricted to users with valid credentials. These credentials include a verified username and password that are assigned and controlled by a secure DFdiscover administrative account. Requirements are set for password complexity, validity period and if users can individually reset their accounts.
  2. User credentials may optionally require Two-Factor Authentication. This is also controlled by the administrative account.
  3. Study / database administrators assign roles to user accounts, allowing access to the minimum amount of data and features for the user to fulfill their study role.
  4. All user-initiated changes to study data are centrally and separately logged with a username and timestamp.
  5. All communication between any DFdiscover user client application and the DFdiscover server is over a direct, encrypted communication channel. The client can always confirm validity of the server that they are communicating with. Communication uses only the most current TLS protocol versions and industry-standard ciphers.