| Corporate | FCOL Login

Home Products Product Overview Product Tour FirstClass Components FirstClass 12 FirstClass AppStore Resources FirstClass Client Downloads Video Tutorials Tips, Tricks and Tools FirstClass Online FirstClass License Upgrade Sales How to Buy Product Brochures Case Studies FirstClass Events Contact Sales Services Technical Support Professional Services Hosting Services Learning Services Downloads FC Client Downloads Company About Us Contact Us Location

Security in FirstClass

Product Overview Product Tour FirstClass Components FirstClass App Store FirstClass12 Preview     Contact Us   Email Us       Speak with a FirstClass Representative     1.8-88.808.0388       Contact Support       Request More Info       Subscribe to Newsletter

FirstClass is not only a powerful collaboration solution but one which provides an enterprise with several layers of security protecting both the organization's data and the users. User Account Security Every user’s UserID and password is distinct and unrelated to each other, or to the name of the user online. This makes it far more difficult to break into a user’s mail account. With most e-mail systems, logins are accomplished using the mail address, which is public information. FirstClass also offers packet-level encryption. This means that every portion of every message transmitted between the clients and the server is significantly more difficult to successfully intercept. Almost all network applications, from file sharing to printing to mail expose content directly to anyone utilizing a simple packet analyzer program. Packet level encryption is inherent to FirstClass and works when communicating using TCP/IP, the default FirstClass communications protocol. Encryption FirstClass employs a stream-cipher to implement secure logins and data communications. The encryption mechanism is proprietary. In the 20+ year history of FirstClass, and with roughly 5 million users, with many university students, we are not aware of a single instance where the encryption has been compromised. Currently we encrypt the entire FCP connection but not the content in the store. Since FirstClass stores everything on the server it is important to have complete link level encryption. The scheme uses a 3-way handshake with keys exchanged by the server and client at link startup, to ensure that the encryption is different each time. Everything from user activity, address books, messaging and chats are encrypted over the FCP link. Content/Conference Security Unlike most mail systems, FirstClass offers a complete user and group access control system, and provides this at both the system and the conference level. It is possible to control access to specific information, conferences, and folders extremely tightly, by allowing the administrator to assign discreet levels of access permissions for individual users, or groups, based on their requirements. An individual’s access is secured through their unique User ID and password which, as discussed above, is difficult to compromise. FirstClass and Network Security Security risks, from outside the local area network, are generally associated with a remote access solution such as remote TCP/IP routers, ARA and terminal servers. These can easily expose a network to outside and potentially damaging access. FirstClass is an excellent network firewall. FirstClass allows connections directly to the server machine via remote TCP/IP protocols. There is no method for such a connection to bypass the server machine, access the network or access anything other than the FirstClass Server, as controlled by the users’ permissions. In the event that a user has gained knowledge of the Administrator’s password (perhaps through observing the login process or other physical means) there is still no facility to have access to the server machine’s file structure or the network. One of the reasons for this is that FirstClass to FirstClass’s connections employ entirely proprietary protocols that are designed to run on top of inherently secure operating systems. With FirstClass, users are completely locked into an environment that cannot be accessed or bypassed from within that environment. If a user, in an attempt to break in, were to attempt to bypass FirstClass by somehow disabling FirstClass (which is not something FirstClass is susceptible to), the user would be instantly disconnected when the server ceased working. FirstClass, because it handles all of the communication protocols internally, is the only element handling the connection and no connection will exist when it ceases to function. The FirstClass Network Store's files all reside on locked volumes, so the files themselves cannot be accessed from the network, except when logged in as a FirstClass user. This, as discussed above, strictly controls the level of file access. This contrasts with several well-known e-mail products that require that their mail users have read AND write access to their network store files that must reside on an accessible volume on the file server. This allows completely free ability to edit, corrupt or even delete select files. The standard method suggested to protect against this eventuality is to frequently back up the files in question so that restoration is more easily accomplished. While providing some protection against data loss, this in no way prevents intruders from gaining access to the information contained within the mail system. Physical Security True security requires that the server machine and associated hard drives be physically inaccessible. It is easily possible to retrieve information from any hard drive if the perpetrator can gain physical access to the server for a protracted period of time.

© Copyright 2012 Open Text Corporation