The Security Module

The Security Module is an optional add-on to your subscription comprised of a collection of features and reporting options available to Form.io users. If you're seeking more robust security capabilities in your deployed environment such as audit logging, data encryption, and container scanning, this package is perfect for you.

Contact sales@form.io for more information about the Security Module

Below are the features and details included in the Security Module. Follow the links for more information:

Advanced Audit Logging

Server logs for more information on who, what, & when things occurred.

Learn more here: https://help.form.io/developers/audit-logging

Logs for more information on who, what, & when things occurred as it pertains to Form Actions.

Learn more here: https://help.form.io/userguide/form-building/actions#action-logs

Form Revisions

Extend the capabilities of any project cycle by giving users the ability to evolve current forms while preserving the integrity of previous iterations.

Learn more here: https://help.form.io/userguide/forms/form-revisions

Track changes to Submission Data and output a PDF audit log document of record for changes made to submission data.

Learn more here: https://help.form.io/userguide/submissions#submission-revisions

Enables the storage of submission data within a separate database collection, which ensures data separation between collections.

Learn more here: https://help.form.io/userguide/submissions#submission-collection

Field Level Encryption

Form.io ensures the security of sensitive data through a multi-layered approach to encryption. At the foundational level, Form.io runs on MongoDB, and when using MongoDB Atlas, encryption at rest and in transit is provided by default, using advanced encryption standards to ensure that all data is protected at multiple layers. Building on this foundation, Form.io adds an additional layer of security through its encrypted fields functionality. This process leverages the robust aes-256-cbc algorithm, a symmetric encryption method known for its high level of security. To perform the encryption and decryption, Form.io utilizes the OpenSSL library via Node.js. Leveraging OpenSSL allows Form.io to securely encrypt data before storing it and decrypt it when necessary, ensuring that sensitive information remains protected throughout its lifecycle. The use of aes-256-cbc ensures that data is encrypted with a 256-bit key, providing a strong defense against unauthorized access.

Learn More here: https://help.form.io/userguide/form-building/component-settings#encrypted

Container Security Scanning

Guaranteed Container scanning using Snyk.

PreviousForm View Pro NextAccessibility Compliance Module

Last updated 11 months ago

Was this helpful?