Safe and Secure LMS | eFront LMS

Advanced Security Features

Because with eFront security is never optional

Data protection

eFront uses a secure protocol (HTTPS) for keeping all data encrypted when shared between your platform and a user’s browser. No data can be shared with third-party entities without your explicit consent. In addition, all data at rest are encrypted using industry-standard encryption algorithms.

Enterprise-ready Single Sign-on (SSO)

Use an Identity Provider for Single Sign-on authentication to simplify the user experience, reduce administrative costs and reinforce your platform's overall security. eFront works out of the box with Active Directory, LDAP, NTLM and SAML 2.0, but our powerful API makes other SSO implementations a simple and straightforward process.

Secure access

Successfully identify and mitigate all related risk by employing advanced security techniques. These include password expiration, minimum length and custom rules, 2-factor authentication, account lockout with increasing lockout time and IP whitelisting. eFront ensures access to your LMS is under your full control.

Optimal practices

eFront is built on a safety-first basis to follow best practices and comply with the latest security guidelines. These include OWASP’s recommendations against cross-site scripting (XSS), cross-site request forgery (CSRF) and SQL injection. We regularly perform penetration tests on all our products and infrastructure to identify and confront any current vulnerabilities. We also accept third party penetration tests upon request, within acceptable parameters. If you wish to perform a penetration test, you can contact your eFront representative.

Access control system

Supervise your platform’s user access and overall activity down to the last detail with eFront’s flexible organizational structure. Combine primary and custom User Types with different permissions to assign each user a particular role and level of access. Divide any portal into controlled-access sub-portals, which work independently and maintain their user hierarchy and varying restrictions.

Audit logs

All system activity is recorded and stored in an safe form by a logging subsystem. Upon malfunction, access all recorded history. Follow the audit trail back to the action that has affected a specific part of the system at a given time or is related to a user account. Use audit logs to identify security risks and promote user accountability.

Solid infrastructure

Our virtual cloud services use Amazon Web Services (AWS), a world-class infrastructure provider. This offers your system efficiency, safety and round-the-clock accessibility. AWS is highly reliable and equipped with the latest security-related certificates to offer first-class services.

Data redundancy

Your training data require the highest degree of protection with no room for compromise. We make sure your system will never suffer any outage, data loss or corruption. eFront’s fully-managed private-cloud deployment offers multiple levels of data redundancy both at infrastructure and application level.