During the past decade, the Acadis® Readiness Suite has become a go-to tool of choice for training innovators in law enforcement, public safety and military communities. And while that growth was fueled by continual, client-driven product development, it also owes much of its success to two key attributes: a stable, intelligent architecture and a rock-solid security framework. That’s why you’ll always find us eager to dive into the details about the underlying dynamics that make Acadis run so well — and run securely.
Acadis Hosting and System Architecture
As a turnkey solutions provider, we run Acadis software on our hardware, using our Windows® and Oracle® licenses at our government secure-cleared facility. Then, through our secure web interface, you can instantly access all your Acadis modules.
If you want to host it yourself, we can do that. If you use Linux to host your databases, we can do that. Don’t have an Oracle DBA on staff? That’s okay; we work with a lot of customers to perform the necessary updates and tuning.
While all portions of Acadis are tested to work with Internet Explorer®, we understand that field users will have a broader variety of browsers, so we support the latest versions of Internet Explorer, Firefox®, ChromeTM and Safari® in the portal modules. Add a PDF viewer, and your users are good to go in reading reports and getting their certifications directly, reducing your printing and mailing costs. Importing and automated functions will eliminate paper scanners and microfiche needs.
Regardless of how you host Acadis, we’ll recommend using SSL (Secure Sockets Layer), so that all data passing between users’ desktops and the servers is encrypted. Because of the sensitive data stored in the Acadis database, Acadis application servers and the database server are always housed behind a firewall. The portal can be placed in an Internet-accessible location (typically a DMZ) or inside the firewall.
We’ve got security through restricted web services so that portal users make limited calls for each individual user’s information, rather than opening up the entire database. In addition, we’ll configure the system to use IP restrictions, allowing data inquiry only from approved networks or computers.
Acadis Security Features
Application security features can be individually configured to your specifications. More precisely, Acadis administrators can set security parameters like password expirations, password length and password strength. You can also have authentication through Active Directory Single Sign-On.
Role-based permissions management allows your Acadis administrator to define functional roles, and then simply apply common sets of security permissions to that group of users. Functions like accessing personally identifiable information or seeing someone’s training are controlled by a separate permission. Changing grades, deletions, scheduling changes and everything else within Acadis are controlled by discrete permissions that allow varying levels of access to ensure ultimate authority rests in the hands of those it should.
To create and maintain legally defensible records, you need to know who did what and when. You also need to know when someone changed or deleted information. With our audit tables and audit report, we’ve got you covered.
Acadis Security Framework
We think about security a lot. Since our business was formed, we’ve been doing work for the Good Guys. Unfortunately, bad guys target the Good Guys, and the security built into Acadis was designed with this in mind.
Most outside security breaches come from either a weak network configuration or weak code. You won’t find either here. Our developers are trained to recognize security vulnerabilities in coding and make sure they don’t exist. During our code reviews, you’re likely to hear discussion about ways to prevent cross-site scripting, SQL injection attacks and cross-site request forgery. We’re comfortable with complex terminology and serious technology. Our code goes through several security scans to verify we conform to the Department of Homeland Security 4300A and 4300B security guidelines.
Our hosted environments are FISMA (Federal Information Security Management Act) conformant. If you need the extra assurance of a certified and accredited environment, we can provide that with our hosting environment through either a NIST (National Institute of Standards & Technology) or a DOD DIACAP (Department of Defense Information Assurance Certification and Accreditation Process) methodology.
We employ an overarching security strategy that can be best described as “defense in depth.” The Acadis security framework is designed to give your system administrator the flexibility to work efficiently, yet never at the risk of compromising secure data and systems.
Windows® and Internet Explorer® are trademarks of Microsoft Corporation. Oracle® is a trademark of Oracle Corporation. Firefox® is a trademark of Mozilla. ChromeTM is a trademark of Google Inc. Safari® is a trademark of Apple Inc.
Download the Acadis Security & Architecture Product Sheet