Secure Cloud and Mobile solution
 


VisiCase  uses web-based front-end and does not require any additional customer’s infrastructure. Our solution can be used anywhere, anytime, 24/7. VisiCase has an integrated security and access layer. This is not added to the various pages, but is stored as metadata and applied at each application function. This means all stakeholders work in real time online, regardless of their location. It also means that all stakeholders will log onto a single portal and access the functions and data they are allowed to see. Access to the VisiCase portal is by security permissions. This allows for a full collaboration, where for example the clients can view the progress of their application, the internal staff can have full visibility of all activities, the experts can implement a specific task and the management can run reports and view progress. This configuration has been used successfully in a number of large implementations.VisiCase security framework includes the following elements: 

Security profiles
 
Security profiles are used by the application to grant access to various functions. Apart from access to functions, security profiles store additional information such as password expiry dates, password hits and so on. Security profiles dynamically create correct menus for each user, Active List entries, reports etc. to which the user has access.  

Permission groups 
Permission groups are granular units of functionality that allow users access to certain functions. Permission groups are mapped against Security profiles 

Maintaining security of data
 
Raw sensitive data can be encrypted and cannot be viewed or used, unless a user has been authenticated and is given access to the data. A user account is assigned with security classes, and each security class allows the user to perform certain functions. VisiCase’s solutions also use data workflow security which defines ‘who’ can perform ‘what functions’ to a specific ‘business object’ in ‘a certain step’ in that object’s life cycle. If the object transitions to another step in its life cycle, the same user may no longer have access to the functions and will not be allowed to perform those functions. The entire database can also be encrypted, making it impossible to be viewed or used even if the database backup is somehow obtained by unauthorized persons.