Keep your GpsGate Server secure
At GpsGate, we keep security top of mind at all departments with a 'security first' mindset. We're ISO/IEC 27001 certified.
We encourage our partners to take all necessary precautions to keep your server secure and customer data safe.
- Make sure you always have all plugins up to date under Site Admin → Plugins.
- Create a strong password.
- Use 2-factor authentication (2FA) feature.
- Make the users change their passwords periodically.
- The AccessFilter plugin makes it possible for you to control which IP addresses can access your GpsGate Server.
- Make sure you only assign one physical person per login (username). And in this way you know "who did what".
- Use Roles and Features or Site Admin Privileges to make sure a user can not access features not needed for his work.
- See exactly which user did what using User Actions. You find it under Site Admin → System Tools → User Actions.
- See exactly which user was logged into the system from which IP and during which time. You find it under Site Admin → System Tools → Activity.
- Set inactive users to logout automatically. You do this in Site Admin under Applications > [Select app.] → Automatic logout.
- Block Brute Force Attacks for devices using this feature, under Server Administration → Settings → Security
- Block cross-site ASPX requests, under Server Administration → Settings → Security