PRODUCT FEATURE GUIDE
Organisational structure

Product Hero Image

Product feature guide

Authentication and access-levels

Overview Specification FAQs

A highly secure platform designed with you in mind. Our authentication system is a complete, highly secure solution for user authentication meeting major compliance standards globally. The access and data restriction controls are used and approved by Government and leading organisations.

Our authentication system is powered by Amazon Cognito, helping you meet multiple security and compliance requirements, including those for highly regulated organisations such as healthcare and government organisations. Cognito is HIPAA eligible and PCI DSS, SOC, and ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, and ISO 9001 compliant.

Key benefits

  • Secure and scalable identity store with adaptive authentication
  • Single-Sign-On (SSO) and enterprise identity federation
  • Powerful access restrictions allowing flexible security controls.
  • Restrict users to your organisational location hierarchy.
  • Customise incident workflows at a granular level for specific locations and user types.
  • Protection and restriction of personal data access adhering to data protection compliance and legislations.
  • Customise incident workflows at a granular level for specific locations and user types.
Synapse Divider

AUTHENTICATION & ACCESS LEVELS
Specification

Secure
A platform ensuring data protection and user privacy through robust authentication and tiered access control measures.

Scalable
Automatically expands capacity and functionality while maintaining secure, tiered access and authentication integrity.

Restrictions
Adaptable platform offering customisable access, data controls, and configuration settings to meet diverse needs.

Open
Open identity standards (OAuth2.0, SAML 2.0 and OpenID Connect) and integrates with an extended ecosystem.

Synapse Divider
Authentication

Access via web browser - Google Chrome, Microsoft Edge, Firefox or Apple Safari (Command & Console only).

Access via iOS & Android apps - device biometric authentication on installable Apps (FaceID, fingerprint scanning, iris recognition) (Reporter only).

Access via Android app - device biometric authentication on installable Apps (fingerprint scanning, iris recognition) (Verify only).

Access via application programming interface (API) token key (Marketplace only).

User Pools provides a secure identity store that scales to millions of users.

Users can sign-in via social and enterprise identity providers (Google & Apple, Microsoft Active Directory)

Common identity management standards including OpenID Connect, OAuth 2.0, and SAML 2.0 are also available.

Users can verify their identities using a Time-based One-time Password (TOTP).

Detects unusual sign-in activity from new locations and devices and also if credentials that have been compromised elsewhere.

Use the same login authentication details for Command, Verify, Reporter & Console

User provisioning

Manual creation of user profiles by adding contact details, allocation to the organisation hierarchy and assignment of an access level.

Import thousands of users in bulk by utilising the CSV import tool for rapid creation of user profiles.

Automated management of users and integration with your own user systems/databases with our Users API service.

High-level access level restrictions

Allows restrictions on a module by module basis to defined levels.

Restrict users to an assigned Site(s).

Restrict users to an assigned Region(s) and all site(s) within.

Restrict users to an assigned Organisation(s) and all site(s) within.

Customer defined data restrictions

Restrict Access Levels to specific event category(ies), sub-category(ies) and specific event type(s).

Restrict Access Levels to specific question(s) within an incident workflow (who can answer, edit and view the question).

Restrict Access Levels to specific event status(s) i.e. a user can not select a restricted status.

Restrict Site(s) to specific question(s) within an incident workflow allowing you to ask different questions at different locations.

Restrict users to view data on a specifically assigned Site(s).

Restrict users to view data on a specifically assigned Region(s).

Restrict users to view data on a specifically assigned Organisation(s).

Workflow data restrictions

Show and hide tabs based on answers to questions.

Restrict response forms down by access level.

Restrict the question to question incident categories, sub-categories and types.

Restrict specific forms questions within a critical event workflow to specific Organisation(s) and Site(s).

AUTHENTICATION & ACCESS LEVELS
Frequently Asked Questions

We use AWS Cognito to power and secure our authentication.

What is AWS Cognito?

AWS Cognito is a service provided by Amazon Web Services that offers user authentication, authorisation, and user management for web and mobile applications. It allows for the integration of user sign-up, sign-in, and access control into your apps easily. Cognito supports identity providers such as social identity providers, SAML identity providers, and also offers its own user directory. It facilitates the creation of scalable and secure user directories, handling tasks like authentication, multi-factor authentication, and the management of user-specific data.

Is AWS Cognito secure?

Yes, AWS Cognito is highly secure, offering various features to protect your web and mobile applications. It includes built-in support for user authentication and identity management, encryption of data at rest and in transit, and integration with AWS IAM for fine-grained access control. Additionally, it supports multi-factor authentication (MFA) and complies with various compliance programs, enhancing the overall security posture of applications leveraging its capabilities.

AWS Cognito adheres to various security standards and compliance programs, including ISO 27001, which sets out the specification for an information security management system (ISMS), and GDPR for data protection and privacy in the European Union. Additionally, it aligns with the requirements of HIPAA for handling protected health information (PHI), making it suitable for applications that require strict data protection and security measures.

Is AWS Cognito powerful?

Yes, AWS Cognito is very powerful in terms of providing a comprehensive solution for managing user identities, authentication, and access control for web and mobile applications. It supports integration with various external identity providers, offers robust security features like multi-factor authentication, and allows for the easy addition of custom authentication flows. With AWS Cognito, developers can manage user directories at scale, customise user sign-up and sign-in processes, and maintain user data securely, all of which contribute to creating secure and scalable applications.

Yes, the platform can be configured to segregate access levels across different departments/teams, such as security and health & safety.

This is typically achieved through the Access Levels module, where users are assigned roles and restrictions that define their access permissions. By implementing such a system, you can ensure that members of the security team have access to certain data and functionalities, while the health & safety team has access to others relevant to their responsibilities.

Zinc Synapse Suite

QUICK CONTACT