
Overview of Data Security & Privacy

SiX IDaaS & IAM is built on a layered (defense-in-depth) security architecture that protects user identities and data integrity. Three standards do the work: Multi-Factor Authentication (MFA) raises the assurance of each login, OAuth 2.0 governs what an application may do on a user's behalf, and OpenID Connect (OIDC) adds an identity layer on top of OAuth 2.0 so applications learn who the user is without ever handling the user's password.

Multi-Factor Authentication (MFA)

MFA adds a critical layer of security by requiring two or more independent verification factors at login, typically something the user knows (the password) plus something the user has (a device that generates one-time codes), so a compromised password alone is not enough to sign in.

Enforcement Mechanisms:

  • Step-up Verification: Required for sensitive operations or high-risk login attempts.
  • Supported Factors:
    • TOTP (Time-based One-Time Password, RFC 6238): Compatible with Google Authenticator, Microsoft Authenticator, and Authy. Each code is derived from a per-user secret and the current 30-second time step, so codes are short-lived and the shared secret itself is never transmitted at login, only the derived code.
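The following is an added example, not code from SiX, of what a TOTP factor looks like on the server side, written in Go with the standard library only. It uses the RFC 6238 Appendix B test secret so the codes can be checked against the published vectors; the 30-second step, the one-step drift window and the replay rule are assumptions about a typical deployment, not a description of SiX's implementation.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/binary"
	"fmt"
	"math"
	"time"
)

// Constructed secret: the RFC 6238 Appendix B test key ("12345678901234567890"),
// used here only so the output can be checked against the published vectors.
// A real deployment provisions a random per-user secret and stores it encrypted.
var demoSecret = []byte("12345678901234567890")

const (
	totpStep   = 30 // seconds per time step, as used by Google/Microsoft Authenticator and Authy
	totpDigits = 6
)

// totpAt returns the RFC 6238 code for a Unix time: HOTP-SHA1(secret, floor(t / step)).
func totpAt(secret []byte, unixTime int64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], uint64(unixTime/totpStep))
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	// Dynamic truncation (RFC 4226 section 5.3): the low nibble of the last byte
	// selects a 4-byte window; the top bit is cleared to avoid sign issues.
	offset := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[offset:offset+4]) & 0x7fffffff
	return fmt.Sprintf("%0*d", digits, code%uint32(math.Pow10(digits)))
}

// Verifier is the server-side state for one user. It tolerates a little clock drift
// and remembers the last accepted time step so a captured code cannot be replayed
// (RFC 6238 section 5.2: a code must not be accepted twice in the same step).
type Verifier struct {
	Secret       []byte
	Skew         int   // steps of drift accepted on either side of "now"
	lastAccepted int64 // time-step counter of the most recently accepted code
}

// Verify checks a submitted code against now +/- Skew steps with a constant-time
// comparison. Any step at or before the last accepted one is refused, which rejects
// replays and also closes the "older code from the drift window" loophole.
func (v *Verifier) Verify(code string, now time.Time) bool {
	t := now.Unix()
	for d := -int64(v.Skew); d <= int64(v.Skew); d++ {
		candidate := t + d*totpStep
		step := candidate / totpStep
		if step <= v.lastAccepted {
			continue
		}
		expected := totpAt(v.Secret, candidate, totpDigits)
		if hmac.Equal([]byte(expected), []byte(code)) {
			v.lastAccepted = step
			return true
		}
	}
	return false
}

func main() {
	now := time.Unix(1111111111, 0) // fixed clock so the demo is reproducible
	v := &Verifier{Secret: demoSecret, Skew: 1}
	code := totpAt(demoSecret, now.Unix(), totpDigits)
	fmt.Printf("code %s: first use=%v, replay=%v\n", code, v.Verify(code, now), v.Verify(code, now))
}
```

The replay rule is the part most often skipped in home-grown verifiers: without it, a code captured over the shoulder or from a notification stays valid for the rest of its 30-second step plus the drift window.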

OAuth 2.0 & OpenID Connect (OIDC)

OAuth 2.0 handles delegated authorization (what an application may access on a user's behalf), and OIDC layers authentication on top of it (who the user is, delivered as a signed ID token), so data moves between applications only under tokens the user has authorized.

  • Token Security:
    • JWT (JSON Web Tokens): All access and ID (identity) tokens are signed with RS256 (RSASSA-PKCS1-v1_5 with SHA-256). Because the scheme is asymmetric, only the issuer holds the signing key and any resource server can verify a token with the published public key, which gives integrity and proof of origin. A relying party still has to do its part: pin the expected algorithm rather than trusting the token's alg header (so alg=none and RS256-to-HS256 key-confusion tokens are rejected), and check the iss, aud and exp claims before acting on anything in the token.
  • Granular Consent Control:
    • Scope-based Authorization: Access is limited to specific, pre-defined "scopes." An application requests the scopes it needs, the user must explicitly grant consent to them before the application can access profile information, and the issued token records only what was granted, so resource servers can check the scope claim on every request.
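The following is an added example, not code from SiX, of RS256 signing and the resource-server checks the two points above call for (algorithm pinning, signature, issuer, audience, expiry, and the granted-scope check), written in Go with only the standard library. The issuer (https://idp.example), audience (https://api.example) and scope names are hypothetical, and aud is modelled as a single string.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

// Claims is the subset of JWT claims enforced here. aud is a single string (RFC 7519 also
// allows an array); scope is the space-separated list of scopes the user consented to.
type Claims struct {
	Iss   string `json:"iss"`
	Sub   string `json:"sub"`
	Aud   string `json:"aud"`
	Exp   int64  `json:"exp"`
	Scope string `json:"scope"`
}

var enc = base64.RawURLEncoding // JWS uses unpadded base64url (RFC 7515 section 2)
// Throwaway issuer key pair for the demo; a real issuer publishes the public half as JWKS.
var issuerKey, _ = rsa.GenerateKey(rand.Reader, 2048)

// SignRS256 issues header.payload.signature; the signature is RSASSA-PKCS1-v1_5 over SHA-256 of "header.payload".
func SignRS256(key *rsa.PrivateKey, c Claims) (string, error) {
	payload, err := json.Marshal(c)
	if err != nil {
		return "", err
	}
	input := enc.EncodeToString([]byte(`{"alg":"RS256","typ":"JWT"}`)) + "." + enc.EncodeToString(payload)
	digest := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return input + "." + enc.EncodeToString(sig), nil
}

// UnsignedToken is the classic forgery: the same claims with alg "none" and no signature.
func UnsignedToken(c Claims) string {
	payload, _ := json.Marshal(c)
	return enc.EncodeToString([]byte(`{"alg":"none","typ":"JWT"}`)) + "." + enc.EncodeToString(payload) + "."
}

// VerifyRS256 is the resource-server check. Order matters: pin the algorithm before touching the
// signature (stops alg=none and HS256 key confusion), verify before trusting any claim, then match
// issuer, this API's audience, the clock, and the scope the endpoint requires.
func VerifyRS256(pub *rsa.PublicKey, token, wantIss, wantAud, needScope string, now time.Time) (*Claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("malformed token")
	}
	raw := make([][]byte, 3)
	for i, p := range parts {
		var err error
		if raw[i], err = enc.DecodeString(p); err != nil {
			return nil, fmt.Errorf("part %d: %w", i, err)
		}
	}
	var hdr struct{ Alg string `json:"alg"` }
	if err := json.Unmarshal(raw[0], &hdr); err != nil || hdr.Alg != "RS256" {
		return nil, fmt.Errorf("unexpected alg %q", hdr.Alg)
	}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], raw[2]); err != nil {
		return nil, fmt.Errorf("invalid signature")
	}
	var c Claims
	if err := json.Unmarshal(raw[1], &c); err != nil {
		return nil, err
	}
	switch {
	case c.Iss != wantIss:
		return nil, fmt.Errorf("wrong issuer %q", c.Iss)
	case c.Aud != wantAud:
		return nil, fmt.Errorf("token not meant for this audience: %q", c.Aud)
	case now.Unix() >= c.Exp:
		return nil, fmt.Errorf("token expired")
	}
	for _, s := range strings.Fields(c.Scope) {
		if s == needScope {
			return &c, nil
		}
	}
	return nil, fmt.Errorf("scope %q was not granted", needScope)
}

func main() {
	now := time.Unix(1700000000, 0) // fixed clock; issuer and audience below are hypothetical
	c := Claims{Iss: "https://idp.example", Sub: "user-42", Aud: "https://api.example", Exp: now.Unix() + 300, Scope: "openid profile"}
	tok, _ := SignRS256(issuerKey, c)
	_, genuine := VerifyRS256(&issuerKey.PublicKey, tok, c.Iss, c.Aud, "profile", now)
	_, forged := VerifyRS256(&issuerKey.PublicKey, UnsignedToken(c), c.Iss, c.Aud, "profile", now)
	fmt.Println("genuine token:", genuine, "| alg=none forgery:", forged)
}
```

The scope check is the consent model at work: the token carries only the scopes the user granted, so an API that needs `email` refuses a token issued for `openid profile` even though the signature is valid. The algorithm pin is the check most often missing from hand-rolled verifiers; a token whose header says `none` or `HS256` never reaches the signature step.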

Strategic Security Benefits

  • Credential-Theft Mitigation: With MFA, a stolen, leaked or reused password is not enough on its own to log in, which blocks the vast majority of automated credential-stuffing and password-spray account takeovers. TOTP codes can still be captured and relayed by a real-time phishing proxy, so MFA raises the cost of phishing substantially without eliminating it.
  • Data Minimization: OAuth 2.0 scopes enforce the principle of least privilege, preventing "over-permissioning" and ensuring applications only see the data they truly need.
  • Standardized Privacy: OIDC-compliant consent screens give users full transparency and control over what personal information is shared with third-party service providers.
