How is EngagePHD™ secured?
Access to EngagePHD™ is via a secure SSL connection where users can log in with their username (email address) and password.
At first time login, users must change their password which must contain at least one lowercase letter, one uppercase letter, one number and must be at least 6 characters long. The user is then prompted to change their password every 60 days. They may use the same password if they want to.
In addition, based on the user and their IP address, everytime a new external IP address is detected, EngagePHD™ sends out an automated email to force the user to approve access before they can then log in unless a cookie was set from their web browser. This prevents anyone logging in from any other device (laptop, desktop, smart phone or tablet) without the user knowing and approving the request.
Ping HD has also partnered with Qualys† to provide recurring vulnerability testing on the EngagePHD™ servers and the EngagePHD™ application to ensure no security holes exist.
†Qualys, Inc. is a provider of cloud security, compliance and related services for small and medium-sized businesses, as well as large corporations based in Redwood Shores, California. Founded in 1999, Qualys was the first company to deliver vulnerability management solutions as applications through the web using a “software as a service” (SaaS) model, and as of 2013 Gartner Group for the fifth time gave Qualys a “Strong Positive” rating for these services. It has added cloud-based compliance and web application security offerings. Qualys has over 7,700 customers in more than 100 countries, including a majority of the Forbes Global 100. The company has strategic partnerships with major managed services providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).