Running in the cloud means that SuperOffice continuously invests in new technology, infrastructure and increased security. In this document, we will inform you about the security measures in place and what will come in the future.
This is a living document and will change over time, first published August 23 2017. Updated October 15 2018
For the last 2,5 years SuperOffice has tighten and improved the security of the SuperOffice Online platform. The actions we have taken, and will continue to improve on, include
- Require PKI, or authentication via certificates
- Prevent outbound internet traffic on all ports, except 80 and 443.
Certificates vs. Filtering on IP
SuperOffice, customers and partners want a safe and secure platform. While filtering on a destination IP address is one way of enforcing security, we have chosen a different approach where we authenticate using certificates, or PKI. In the near future this will be fully enforced.
Restricting Outbound Traffic
One of several significant ongoing changes is to control outbound traffic from the SuperOffice CRM Online environment. SuperOffice began this work on August 18, 2017, by modifying the CRM Online domain and infrastructure.
We will also introduce Proxy Servers for outbound traffic as one of the next steps in the process. The consequence for partners is that it limits the ports that may be used to access the internet. In the short term we will allow both port 80 (common http) and port 443 (secure https), but it is likely that we will limit this to only secure traffic on port 443 in the future.
Note that Erp Sync and Quote Connector already require to use secure communication at port 443.
From August 25th 2018 we also started to enforce the use of app://appid in the maintenance client - ERP Sync Connectors as notified and discussed here two years ago.
SuperOffice will always strive to inform partners before major changes, but customer security is our first priority and there may be situations that require us to take action before informing partners.