We understand the importance of security when using a system like MyWebWorkplace, particularly when you consider the broad nature of the information we hold on your business and its people.  This is especially important when you consider the large, and supposedly, secure companies that have had their data stolen in the past few months.  We have specialist network and web security knowledge in house.  MyWebWorkplace employs a number of security features:

• MyWebWorkplace is not a high profile site
• Hardware firewalls, software firewalls and IPSec rules are in place
• The ports are locked down to specific IP addresses apart from HTTP/HTTPS (80/443)
• Very restricted access to a small selection of ports by IP
• Dedicated server - Not on a shared box like a lot of other systems
• All current patching is automatically applied to OS and MS components,
• All OS user passwords are complex,
• The data base requires passwords (complex)
• Webserver runs HTTPS (2048 bit)
• Locked down OS and unused services stopped
• Each login creates a unique one time value for an encrypted cookie and expires after 24 hours which has a corresponding value in the DB (You can't fake the cookie).
• The logins should be secure with lockouts after 3 failures and forcing the user to use 8 character upper/lower and numeric passwords (complex)
• Each internal screen requires the user to be authenticated or else redirects to the login page
• Trapping for SQL injection
• Java Scripting injection causes an error
• Compartmentalised access - each client stored in a single, dedicated DB not a shared DB model
• Monitored 24/7/365 for out of norm values (high CPU / response time etc)
• In the past, similar systems created by Us have been checked and passed by a reputable security firm
  

We also employ other security measures to prevent or trap would be hackers that shall remain undocumented.

We are very please to announce the release of our most significant update to MyWebWorkplace yet.  It is especially important as it represents the transition from a comprehensive business absence management system to a multi-modular business management system (sometimes known also as a business automation system).  The priority in this release was to add the beginnings of an HR system but also to add more control and flexibility to our users access and permissions.  This will become increasingly more important as we add more business modules.

Here is a summary of our recent developments.

Client Site

MAJOR CHANGES

Core

1. New module: HR Lite - FREE WITH OUR EXISTING ABSENCE MANAGEMENT SOFTWARE - employee personal information collection such as home address & next of kin etc.
2. Audit trail (log of changes to the employees personal information)
3. System functionality can be switch on and off (individual unused elements of each business module)
4. All menus are now database driven to allow for a finer control of access (who you are, what you do, where you are in the company and your relationships all determine what you can see and do in MyWebWorkplace)
5. Menus are amalgamated to allow for more business modules
6. More Control on permissions/access
   1. User Group/department relationships e.g. group deputy
   2. User functional roles e.g. Holiday Admin/Sickness Admin
   3. User relationships e.g. line manager/assistant
7. User Company roles e.g. Fire Warden/First Aider (Searchable in the Directory)
8. Better access to more online help available

Absence module

1. User alerted when leave request is left in draft (draft requests are visible to client admins
2. Automatic update of future mandatory leave when employees change their calendar and/or work pattern and/or working day information

MINOR CHANGES

1. Small Bug fixes
2. Improved site appearance
3. Social Network Integration
4. Rearranged/renamed fields for a more logical user experience
5. Clearer presentation of information
6. Fixed grammatical errors
7. Broader browser and OS combination testing

Partner site

1. Improved client information to partners in the partner portal

As always, thank you to our valued clients for their welcome feedback and be assured of our continued focus on providing you with the best.