Application Security
Valarea is a cloud-based platform which can be accessed via native apps for desktop (Valarea Room for Windows 10, Valarea App for Windows 10), mobile (Valarea App for iOS and Android), and web interface through a number of popular web browsers on both desktop and mobile (Valarea App for web, Valarea Console).
The Valarea software consumes a REST API provided by our Re Mago Meeting Server (RMS Backend layer) which is credential secured over TLS 1.2. All communication with the REST API, and our IIS services, are over TLS (port 443) with 2048-bit asymmetric encryption and 256-bit symmetric encryption. The Hubs are authenticated on our servers using a 4 step authentication process with SASL. All inbound and outbound data from our backend layer is encrypted and transmitted over TLS with 2048-bit asymmetric encryption and 256-bit symmetric encryption using certificates from third party credited authorities. Network communication is protected using the latest in technology to secure all your video, audio and data. Using the TLS cryptography protocol, previously referred to as SSL, we provide protection using a 2048-bit asymmetric key in conjunction with a 256-bit symmetric session key. More information on ports used can be found within this document.
Valarea offers two different authentication methods to its Cloud users:
- Basic username and password authentication
- Third-party Identity Provider authentication (OAuth 2.0)
The Basic authentication requires a valid email address that undergoes an initial verification process through a confirmation email, and a password that must match our strong password policy.
Alternatively, Valarea supports the following third-party identity providers: Google, Microsoft, Apple. Authentication with third-party identity providers is made via a secure OAuth 2.0 process. Valarea has obtained app marketplace / app store certification from all the supported third-party identity providers.
Valarea users can add an additional security layer by activating the Multi-Factor Authentication. Valarea currently supports MFA via Authenticator App OTC, Email OTC, SMS OTC.
Enterprise On-premises accounts can set up SAML-based SSO giving their team members access to Valarea Server through an identity provider (idP) of their choice. A SAML 2.0 ldP like Azure AD can be chosen to set up authentication within your secure network.
Last modified 1yr ago