Hi everyone!! ????
Hope you’re enjoying the new update and changes that were presented in the latest release notes this week.
You’re probably wondering – why are we bothering you with a new one already? ????
Well, this patch is not related to any new integration updates or performance fixes.
Today, we’d like to present to you our new security patch. Its purpose is to make attackers’ life harder and reduce fraud risks.
Our devs were eager to present this new security patch so you don’t get caught off guard next time you log into your SyncSpider account.
Now let’s get into more details.
We understand that running a successful e-commerce business is a challenging job. Our users operate with sensitive customers’ data so our highest priority is to create safe conditions and a secure environment where the transfer of data will be encrypted at all times.
For this reason, SyncSpider has implemented a number of different security upgrades.
Let’s focus, for starters, on the ones you’ll immediately notice on your side.
Password policy upgrade
- Mandatory password rotation every 3 months.
- Password requirements upgraded.
This means:
- If you have a weak password, on your next log in you will be prompted to adjust with a more powerful one.
- 3 months from you last password change, you will be prompted for a mandatory password rotation.
Encryption in transit protocol set to minimum of TLS 1.2
This means:
- SyncSpider has to have encryption in transit implemented (TLS1.2 or above).
- Clients using Windows local to connect with SyncSpider, and whose connection is NOT Encrypted in transit, or has encryption under TLS1.2 will have an error.
- Any connection via SyncSpider API, some integration or similar, whose connection is NOT Encrypted in transit, or has encryption under TLS1.2 will have an error
In the last two years, the sale of stolen data has dramatically increased. Our research revealed that 40% of the respondents said they would react quickly if they received an email requesting their personal data, and 8% immediately responded and sold their personal information to criminals.
Encryption provides data integrity in the event of a theft or loss. It protects data against fraud, data leakage, system errors, and malware infection. Encryption allows you to securely store information while minimizing exposure to unauthorized users and network attacks.
So, how secure is SyncSpider today, you (might) ask?
Well, today at SyncSpider, we pride ourselves on having a rock-solid platform.
We hope you like the new changes to our security policy. As always, we’re open to any feedback and suggestions from your side. ????????
SyncSpider team
