Action1 5 Documentation 5 Security

Security

 

In Action1, we care about your data and its integrity. As a company, we are committed to providing a bullet-proof and secure endpoint management solution for our customers. We employ the latest data protection technologies and actively stay compliant with modern standards and regulations. Our experienced team of engineers established round-the-clock security auditing and monitoring in order to provide the highest level of protection for our users.

 

Data Encryption and App Security

The endpoints connected to the Action1 Cloud communicate through a secure channel. We use the 2048 RSA private keys for end-to-end encryption. The key exchange eliminates the chances of your data being stolen while in transit and guarantees the integrity and authenticity of your data. For each Action1 account, we generate a private key and embed it in the Account1 Connector and agent installers. No one besides you has access to your private key and can leverage it to access your data.

 

Multi-Factor Authentication

Besides restricting unencrypted access to Action1 web console, we enforce the two-factor authentication for all our users. The multi-factor authentication is an effective way to secure user accounts and access to data since it adds an extra verification step to your sign-in procedure. Action1 recommends using an authentication app such as Google Authenticator, Twilio Authy, Duo Mobile, or Microsoft Authenticator. Or you can leverage email-based MFA by entering unique one-off code sent to our email. Access to Action1 resources via API is secured with the OAuth 2.0 protocol.

 

Compliance and Security Regulations

As a company and a Cloud service provider, we follow the industry best practices related to data security such as PCI DSS, SOX, HIPAA, GDPR, NIST, and rely on Amazon, who is FedRAMP compliant. We have set ongoing monitoring and enforced the least privilege model meaning that employees have limited access to corporate resources and client data. No one has access to your Action1 account and data unless you explicitly allow it. We care about your privacy and are always on guard, protecting your data even when it goes beyond what the standards prescribe.

Our servers are hosted in the certified data centers run by Amazon Web Services. For more information about Amazon security controls and regulations, please refer to AWS Compliance Programs and AWS Cloud Security.

 

What You Can Do to Help Us Protect Your Data

To protect your data from authorized access, we recommend you follow these security guidelines:

  • Always lock your computer when leaving your desk and make sure it’s password-protected. Enforcing a strong password policy is also a good option.
  • Use the latest anti-virus and malware protection software, regularly install security updates and patches. You can identify missing updates with Action1 and enable automated patch management. For more information, see Automate Patch Management.
  • If you are a Managed Service Provider or take care of an independent department, create Organizations within your Action1 account to separate endpoints and enable access to them based on the organization. For more information, see Multi-Tenancy for MSPs and Enterprises.

Status

We value transparency, so you can quickly find relevant information on our status page in case of unscheduled downtime.

Should you have more questions, don’t hesitate to contact our technical support.