Compliant Commercial Appraisal Software
YouConnect is compliant with the pertinent portions of the Department of the Treasury, Federal Reserve, the Federal Deposit Insurance Corporation (FDIC), The Office of the Comptroller of the Currency (OCC), The National Credit Union Administration (NCUA)’s Interagency Appraisal and Evaluation Guidelines, The Dodd–Frank Wall Street Reform and Consumer Protection Act, and Fannie Mae’s Uniform Appraisal Dataset (UAD).
Security is a top priority. You want to be confident that your documents and information are in a safe location. YouConnect is hosted by a national IT infrastructure provider in a SSAE 16, (formerly Sas 70) compliant environment, which is ISO/IEC 27001:2013 certified, the de facto global standard for Information Security Management (ISM). Additionally, RealWired as a company annually completes the rigorous AICPA SOC2 audit, providing additional verification to its technology and cloud computing users of the design and operating effectiveness of its internal controls.
Our platform employs procedural and technological measures that are designed to help protect personal information from loss, unauthorized access, disclosure, alteration, or destruction.
Security Layers For User Authentication
In order to address security issues that can arise with user authentication, the platform offers multiple layers of security. These are listed below:
- A sophisticated password enforcement mechanism that allows administrators to set security configurations for password strength, password aging, system generated passwords, and reCAPTCHA password reset.
- Automatic termination of the user session (forced logout) if the IP address changes in the course of the session. This prevents hijacking of the user session.
- Automatic termination of the user session (forced logout) if a new user session is started from a different web browser. This prevents multiple concurrent user sessions.
- The ability to run Tracker reports, as an administrator, to track all IP addresses used by users.
- The ability to use LDAP or Active Directory for centralized management of passwords across multiple systems.
- With the release of version 6.1, our platform also provides SAML support for single sign-on as another option for centralized management of passwords across multiple systems.
PHP vs. ASP.net Comparison
A comparison of PHP vs ASP.net, Performance, Cost, Scalability, Support and Complexity.
Excerpts from this article include:
- PHP wins over ASP.net for providing the most cost effective solution and providing a large amount of resources and support.
- It takes twice as much code writing to accomplish something with ASP.net than PHP, so time to deployment is faster using PHP.
- PHP is platform independent and can run on any platform — Linux, Unix, Mac OS X, Windows.
- The development process is more time-consuming when using ASP.net as opposed to PHP.
Go to this link for more details: www.comentum.com/php-vs-asp.net-comparison.html
2-Tier vs. 3-Tier
YouConnect is a 3-tier application in which security concerns were incorporated into its development from day one. 2-Tier applications may be more inexpensive and easier to maintain, but in our opinion are less sophisticated then our enterprise-level platform.
Excerpts from this discussion, “In my experience, the 3-tier architecture has the potential for better security, but if great care isn’t taken during development it frequently ends up less secure.” 3-Tier has stronger performance than two-tiered architecture since the latter is “more sensitive to the hardware the client is running on as well as the speed of a network connection.”
Go to this link for more details: www.nitrosphere.com/2013/09/20/2-tier-vs-3-tier-application-architecture
What is SOC 2?
SOC 2 is audit framework reporting on controls at a service organization relevant to security, availability, processing integrity, confidentiality or privacy. When a service provider is SOC 2 compliant you know that you can trust the design and operating effectiveness of its controls. The compliance reports are intended to meet the needs of technology and cloud computing users that need to understand internal control of a service organization as it relates to
The Audits are performed using AICPA guidelines and principles. Stakeholders (e.g., customers, regulators, business partners, suppliers, directors) of the service organization can rest assured knowing that a rigorous audit has been performed.