stSoftware systems are designed to meet or exceeds all aspects of the Australian Government Protective Security Policy Framework PSPF. At stSoftware, we take security very seriously. Our servers are locked down to be accessed only via secure shell and from specific IP addresses and are constantly monitored. There is no direct access by developers or business users to the underlying system. All changes by site developers are kept within a sandbox to only ever allow changes that are validated and prevent
The system requires every user to have a unique login and indeed can be configured to logout other sessions when the user logs in via another browser.
The system administrator can configure the system password management and storage options to find the correct balance between convenience, performance and security. The password and login options can be configured at the global level and at a per user level.