System and Security

System Information

Software Version

Current Version

We are currently running BodAdmin Version 1.0, this is our minimum viable product and the software would likely be seeing alot of changes in the future.

Modules

There are nine (9) modules associated with each license, named:

  • Governance Portal
  • Attendance Register
  • Minute Book
  • Corporate Universe
  • Dispute Portfolio
  • Contract Domain
  • Investor Relations
  • Reporting Tool
  • Enterprise Sustainability

Product Offering

This software is offered as an Enterprise service to improve performance, efficiency and service delivery in your organization.

Integration & Collaboration

BodAdmin supports multi-party integrations and users are absolutely enabled to create as much user groups and collaborative teams as they want.

Security Standards

Input and Data Validation

Extensive input validation for all user input. Filters and scrubs to be applied to all inputs and outputs to be encoded through exit points. Only trusted sources of data will be accessed within the application.

Authentication

Authentication will involve a username, password and optional two factor authentication routines.

Authorization

Authorization will be based on claims on user identity after successful authentication. Each module will have read, create, update and disable permissions granted to each user role. These roles will be assigned to users respectively.

Configuration Management

The application will run with least privileges required to perform any operation. Privileges will be incrementally added to execution accounts for specific tasks.

Session Management

Sessions will be maintained using cookies secured against cross site request forgery for web applications, Java web tokens for mobile applications secured against cross site script attacks.

Cryptography

Application will be obfuscated and compiled to prevent possibility of reverse engineering. The transport layer will occur over TLS security that ensures encryption of data in transit. All keys, connection strings will be encrypted.

Exception Management

Friendly information will be returned to users and detailed exception details logged for onward review by administrators

Auditing and Logging

All application, user and system events will be logged

Cookies and similar technologies

BodAdmin uses cookies and similar technologies for storing and honoring your preferences and settings, enabling you to sign in, providing interest-based advertising, combating fraud, analyzing how our products perform, and fulfilling other legitimate purposes.

Information Security and Storage

We implement technical and organizational measures to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the ongoing integrity and confidentiality of personal information and we evaluate these measures on a regular basis to ensure the security of the processing.

Where we collect personal information from you, we will keep your personal information for as long as we have a relationship with you. Where we collect personal information from third-party sources and do not have a relationship with you, we will keep your personal information for a period of time that is consistent with the reason for which we collected it (see the section on How we use your personal information and the basis on which we use it above).

This retention period shall take into account the amount, nature and sensitivity of the relevant personal information collected, and when these retention periods have ended, we will retain your personal information for a period of time that enables us to:

  • Maintain business records for analysis and/or audit purposes
  • Comply with record retention requirements under the law
  • Defend or bring any existing or potential legal claims
  • Deal with any complaints regarding the services
  • Enforce our commercial agreements

We will delete your personal information when it is no longer required for these reasons. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.