TECHNICAL STRUCTURETARIFSsupport@erp-platforma.com Sign up Sign in EN
Safety system

Protecting your customers' personal data

The system complies with the requirements of the Federal Law of the Russian Federation “On Personal Data” (Article 19.p.2) providing the possibility of 1st level protection of personal data. In particular, in accordance with clauses 15 and 16, the system maintains an electronic message log and an electronic security log. The journals are maintained on the basis of BlockChain technology, which excludes the possibility of forgery.

Also, in the system there is a regular possibility of keeping a security log for any system modules of interest or individual blocks of the module. To do this, you just need to check the box in the module block settings.

HTTPS level A + connection

Only secure HTTPS connection using the most modern TSL protocol is used.

Our Service's TSL settings reach the highest security level A + ( Security Level Tests )

Two-Factor Authentication System

The system provides for the connection of additional login security by using the two-factor authorization function via Telegram.

Employee access rights

Employee access rights can be detailed down to any element on the page. Rights can be assigned, ranging from access to menu items, and ending with specific elements of a web page, folders, reports. Access control in the ERP Platform is organized on the basis of roles (development of a selective access control policy).

Personal data viewing log

In accordance with the legislation, the system implements universal logs for viewing personal data. They can be connected to any module. In them, based on blockchain technologies (which excludes the option of forgery), who and when viewed what personal data are recorded.

Using these mechanisms, any of our clients can organize measures to protect the personal information of their employees and clients, in accordance with the security threats relevant to him, in accordance with the Decree of the Government of the Russian Federation of 01.11.2012 N 1119 "On approval of requirements for the protection of personal data when processing them in information systems personal data "

Advanced permissions settings

Any element in the company interface has default access rights. It can be reading (or viewing), changing, adding, deleting.
  • Read (sel or select) - allows you to see the element on the screen
  • Change (up or update) - if there is a form for entering changes in this element of the page, it can be used, otherwise the element will be inactive.
  • Adding (ins or insert) - if there is a form for entering new information in this element of the page, allows you to use it, otherwise the element will be inactive.
  • Delete (del or delete) - if there is a delete form in this element of the page, allows it to be used, otherwise the element will be inactive.
By default, all rights are configured for any Role. But if it is necessary to give one or another Role access to an element that is not visible by default, or vice versa, to deny access to a particular element, individual rights can be assigned to each element of the system of any Role.

Rights are assigned to:
  • Page Template is a whole module page. ( If we take an analogy with Excel, this is a Book )
  • Bookmark is the area of ​​the module page ( If we take an analogy with Excel, then this is a tab )
  • Cell - any page of the module can be divided into Bookmarks, and Bookmarks into cells. Elements can be inserted into cells (for example, buttons, output forms, text). Cells can be formed as in Excel. Individual rights can be assigned to these individual cells. ( If we take an analogy with Excel, then these are cells in the tab )
  • Main menu - rights can be given to elements of the main menu, this is the root menu of entire sections.
  • Submenu - rights to menu items. ( For example, you can hide not the module itself, but simply cut off the user's access to this module )
  • Folder - you can separately deny or allow access to a particular folder on the disk
  • Reports - you can separately deny or assign access to a particular report or to a whole group of reports if you specify the root of the group.
  • Procedures - you can allow access to various procedures in the system configurator. For example, by default, a user in reports has access only to a limited range of procedures.

Logs of changes in employee permissions (assignment of access rights)

Consists of two magazines:
  • Access rights assignment log
  • Access rights change log
Permissions assignment log

The system maintains a log of assigning the powers of the Licensee's employee to access personal data in the information system, in accordance with clause 16-A, Resolution of the Government of the Russian Federation of 01.11.2012 N 1119 "On approval of requirements for the protection of personal data during their processing in personal data information systems" ... This allows the company to implement an internal organization to protect access to personal data.

The register of access rights assignments works on the basis of BlockChain technology. The subsequent checksum uses the sum of the previous record. If information discrepancies are found with the checksum, or with the previous block, the record will be highlighted in red.
Access rights change log

The system maintains a log of changes in the powers of the Licensee's employee to access personal data in the information system, in accordance with clause 16-A, Decree of the Government of the Russian Federation of 01.11.2012 N 1119 "On approval of requirements for the protection of personal data when processing them in personal data information systems" ... This allows the company to implement an internal organization to protect access to personal data.

This log records change of Role's permissions. Those. all employees with this Role will have their powers changed.

The access rights change log is based on BlockChain technology. The subsequent checksum uses the sum of the previous record. If information discrepancies are found with the checksum, or with the previous block, the record will be highlighted in red.
«ERP-PLATFORM» LLC © 2021