WorkPlus Mobile Security Solutions

FACE++/CA, Atc.

Ldentity Authentication


Supports digital certificates in the form of software / hardware, AI human face, life detection, fingerprints, gestures and other identity authentication

Full Watermark Coverage


Anti-screenshot

Anti-copy

Message Security


Burn after reading and session-grade encryption


Burn after reading

Important information leaves no traces to avoid the risk of leakage. The backend can set the reading time freely of the Burn After Reading messages.

Support text message, picture, voice.

 

Session-grade encryption

This is our enhanced encryption feature specially created for military users :

The content of each conversation session is encrypted with a key

The key will changed dynamically for every session

The key is globally unique and cannot be forged or reused

Client + Backend + Data Transmission Security


Security considerations for the entire link, have been inspected by military industry, procuratorate and other units

 

Message storage encryption (AES-128)

File storage encryption

Client tamper resistance

Client code obfuscation, anti-

decompilation

Executive Mode


Fine-grained executive privacy protection


The Contacts shows the list of executives, it supports chats between executives. Executives can directly send messages to general stuff, but the general stuff can’t send messages direct to the executives unless they have single chat history.

File Browsing and Distribution Control


File Permission Control.

Only preview is available when opened file(Office/PDF), not download / forward, to ensure that key information is not transmitted

 

Integrated with the HR system, the first time log in need to be verified by SMS verification code

 

Frequently used devices are free of authentication for the next login

 

Two-factor authentication ( password + SMS verification code ) every time log in with not frequently used devices

Fine-grained Control


Mailbox watermark control  Collection watermark control           

Single chat watermark control  Supports black and white list configuration           

Group chat watermark control Mobile file permission control           

Must-response message watermark control 

PC terminal file permission control 

 

Organization View


Through the Contacts view, let the suitable people see the suitable Contacts in the enterprise

   

Different view permission owners can see different Contacts views :

Security Guards

Dedicated Drivers

Cleaners

External Suppliers

Everyone can customize the exclusive organization view

Reset password through SMS Verification Code and Intranet


KWG Group Holdings : Avoid employees "guessing" passwords ; support leaders to authorize subordinates to log in.


Integrated with the HR system, the first time log in need to be verified by SMS verification code


Frequently used devices are free of authentication for the next login


Two-factor authentication ( password + SMS verification code ) every time log in with not frequently used devices.


MDM Mobile Device Management


User accounts and mobile devices can be bound to each other , one person with one account, to prevent account tampering and information leakage.


The application can be remotely locked and wiped.


User Operation Log


Each operation is being recorded inside the system to enhance the Platform security.



Security - Message Local Storage Encryption

 

 

Security sandbox : The data that accesses the internal information of the company should be automatically encrypted and it is automatically decrypted when in use. 

 

The data accessed on the mobile terminal should be set to "disabled, read-only, safe read-write, normal read-write" according to the permission setting, and specify the data operation and return limits for the corresponding settings.

 

For file types, the file name and content can be compressed, encrypted, when the mobile terminal reads, the reverse process is adopted to decrypt and decompress.

 

For the HTML5 module compression package, the contents of the files can be obfuscated, encrypted and compressed. After the content in the HTML5 module is decompressed, the browser can read the obfuscated and compressed files, and all we have to do is decrypt it.

Security - Access Control

 

The system protects critical data and services through a standard RBAC scheme

 

 

The user role configuration management design is carried out in accordance with the RBAC principle. The entities involved are : users, roles, permissions and resources. 

 

Users can have multiple roles, roles can be assigned to multiple users, permissions can be assigned to multiple roles, roles can have multiple permissions, and there is a many-to-many relationship between them. Resources and operations are combined into permissions. This type of access control is designed to realize fine-grain control of resource access at the button level.

 

 

Integrated VPN-dedicated-line Access Capability

 

Seamless integration with 3 types of VPN lines.

 

100% Customizable
Digital WorkStation