Authentication

Flosum uses a variety of authentication methods, including SAML 2.0 for SSO and IAM, to secure your data and provide the highest levels of security. Our policy supports integration with identity providers in a native way, and does not use intermediary authentication/authorization tools (e.g., Keycloak, Auth0, Cognito, etc.). The system uniquely identifies and authenticates each individual user. Anonymous authentication is prohibited.

Single Sign On (SSO)

We prioritize efficiency and security by implementing an SSO solution. SSO significantly improves security by reducing the risk associated with password-related vulnerabilities and ensuring a more robust and centralized authentication system that maintains the highest standards of data protection. IP restrictions require a customer-hosted instance and configuration of the attendant AWS or GCP environment.

Multi-Factor Authentication (MFA)

Security of our digital assets is paramount, and as part of our comprehensive security measures, we employ MFA. By implementing MFA, we significantly bolster our defense against unauthorized access, safeguard sensitive information, and fortify our systems against potential threats. This proactive approach to security not only aligns with industry best practices but also underscores our commitment to ensuring the utmost confidentiality and integrity of our network. Flosum has enabled Multi-factor Authentication (MFA) delete, which turns on the MFA delete capability to require additional authentication to delete objects in a versioned S3 bucket. We use access points and VPC endpoints. All access points and VPC endpoints allow access to S3 without exposing the entire bucket, which restricts what can be accessed in the S3 bucket.