A board portal is a document sharing and collaboration tool for board members, the management, administration and other stakeholders in the company. A board portal allows users to work paperless and efficiently. The documents are always available, online and offline, in a secure, user-friendly solution, via the web and iPad or iPhone app.
The preparation and distribution of board documents is simpler, more cost-effective and much more secure than distribution via e-mail, post or other channels. Organising meetings and post-meeting activities are also more efficient and streamlined. Processes and routines for inviting to and holding board and other meetings and post-meeting activities can be easily incorporated into the portal. This makes the board portal an invaluable tool before, during and after the board meeting.
At Admincontrol, our board portal solution has been developed through constant dialogue and collaboration with users, and is tailored to our customers’ routines for document exchange, meeting notification and confidential communication.
User-friendly interactions with the board, auditors, committees, shareholders and other user groups.
Secure distribution and storage of sensitive documents.
Full control and protection of confidential documents on the web or via iPad and iPhone app.
Common digital archive for board and management documentation.
Flexible and scalable solution that is easy to extend to subsidiaries, committees, working groups and other applications.
Satisfies formal requirements for information Control.
The ability to work paperless and efficiently.
Permanent access to board papers via the web, iPad and iPhone app, online and offline.
Receive meeting invitations and notification of new documents.
Easy to take notes, add annotations and enter comments in the documentation.
Everything in one place, all documents are archived in a searchable database.
Common login for officers of several Companies.
Streamlined and cost-efficient distribution of documents.
Quick and easy to create agendas and issue meeting invitations from the portal.
Complete overview, traceability, reports and logs of user activity.
Easy to make amendments to already distributed documents.
Dedicated channel for sensitive communication.
Easy to manage access and permissions.
Have you had a chance to look at the documentation for the upcoming board meeting? Seems like very promising opportunities for the company related to the fifth agenda point.
I’m working on this right now. Must admit that I have noted some challenges with this case, but I’m looking forward to the discussion next week.
SECURE AND EFFECTIVE collaboration
Better informed. Better prepared. Better decisions.
Executives spend up to 85 per cent of their time communicating and interacting on issues related to strategy and follow-up of initiatives. For the board members, it is also all about communication: sharing and reading documents, informing, discussing, commenting and giving feedback constitute a major part of their everyday work load. A lot of the documents and information that is shared are sensitive in nature. This requires a dedicated channel designed especially for this purpose: secure and efficient collaboration for the board and management.
The concept behind Admincontrol was originally to digitalise and safeguard board documentation. Paper-based processes are expensive and time-consuming. E-mail-based processes are vulnerable and ineffective. This remains the core of the board portal solution, but over the years it has developed into much more. Today, we talk about digitalising the entire board meeting process. Planning the board schedule for the entire year, preparing digital agendas, booking the meetings, distributing documents, preparing meetings, completing the meetings and signing the minutes. Admincontrol’s aim is to support all this functionality and we know that it makes a major difference to our customers. Our customers save time and money, and the board members and other users are more satisfied. The key decision-makers, the board and management, are better informed, better prepared and make better decisions for their company.
AREAS OF USE
Admincontrol’s platform is not just an important solution for board work; it is also ideal for any setting that requires secure and efficient collaboration as well as document sharing.
Other areas of use are:
- Internally within executive management
- With external auditors
- In HR, finance and other departments in the company which handle sensitive documentation
- In committees and working groups
- With owners and investors
DATA PROTECTION AND SECURITY
Data protection and security are crucially important for Admincontrol and something that most of our customers are concerned about. We cater for these requirements by maintaining a constant focus on security at every stage: from product development and day-to-day operations to the phasing out of equipment. Admincontrol has taken all the requisite steps for complying with data protection legislation and the GDPR.
SAFE AND SECURE
The security measures we have taken ensure that customer data are stored safely and securely and are only accessible by registered users with the correct access rights. Users without access rights have no access to customer data. If devices containing offline data are lost, they can easily be deleted using a remote deletion feature. All Admincontrol employees have undergone thorough background checks and can be entered on customers’ insider lists if so desired.
Security measures and internal control at Admincontrol are founded on our ISO 27001:2013 certification and comply with relevant legislation and security requirements.
Admincontrol has annual ISAE 3402 Type II audits performed by independent, certified auditors, who verify the internal control and ensure that our security measures are properly implemented and that they were fully functional throughout the entire calendar year.
In its development work, Admincontrol follows OWASP guidelines for secure development and OWASP ASVS, which is a standard for performing security verification at application level. Admincontrol performs regular security testing of production systems and applications.
Admincontrol uses Microsoft® .NET 4.0 technology to develop secure online applications. All data are stored on a Microsoft® SQL Server.
In Admincontrol, each user has a unique username and password which must be entered every time a user logs on. The password is not saved in the database in plain text. Admincontrol only stores one-way encrypted passwords using secure and recognised algorithms, thereby ensuring the highest possible password protection. In addition, an automatically generated one-time code is sent to the user’s mobile (SMS 2-factor solution) every time the user logs on.
For our Nordic users, we also offer authentication based on national eID solutions, such as BankID (Norway and Sweden), NemID (Denmark) and mobile BankID (Norway).
When customers are granted access to the portal, all data, including username and password, are encrypted using state-of-the-art TLS encryption. This powerful encryption protects the documents and other data as they are transmitted between your devices and the server. In addition, all data stored in the solution are encrypted with AES256 encryption.
The user rights are role based and grant rights at folder level. All information is linked to folders, including details of meetings and decisions. To assign users to a specific role, the customer’s user and administrator must grant rights to the relevant users or ask Admincontrol’s staff for assistance. Admincontrol is unable to assign rights without verifying that the request comes from an authorised user who is approved by the customer’s organisation.
All documents are kept in an encrypted storage solution and access to them is only possible through the Admincontrol applications. All PDF documents are read in a reader that leaves no traces of the document on the client device. The PDF reader’s cache is deleted when the document is closed. All other file types are handled as ordinary files and attachments, and can be downloaded in a readable form. Admincontrol is able to guarantee that a document does not leave a digital trace on the client device. The customer’s administrator can control printing rights for each document and choose whether the document can be downloaded in the ordinary way or may only be read in the secure PDF reader.
Security in data centres
Admincontrol’s servers are located in secure data centres that meet all modern security and environmental requirements. All the necessary ISO certifications is in place. The server environment is operated using state-of-the-art solutions, and we only use hardware, software and middleware from major manufacturers on the market. The rooms used are also protected by the following security measures:
• 24/7 manned security
• Monitoring system, e.g. humidity, temperature and fire sensors
• CCTV video surveillance
• Intruder-proof access control
• UPS with backup generator
• Automatic fire-extinguishing systems
All access to buildings and rooms is logged in an access control system. All access points to the rooms are video-monitored. Only authorised Admincontrol personnel have access to the physical equipment on which the portal runs.
Security monitoring and testing
All user activity is logged in the application log with exact time, IP address, username and information about whether the login succeeded or not. This includes the opening, editing, deletion and creation of documents, meeting or tasks. Furthermore, all user activity on the server and in the operating system is logged. Admincontrol has dedicated High-Availability firewalls and traffic logs for all traffic in and out of the servers. All traffic is monitored in real time in order to detect and block threats (IDS/IPS solution). All warnings from the detection system are analysed by security experts at a security centre that is manned 24/7/365.
At regular intervals, Admincontrol orders comprehensive security analyses and penetration testing to be carried out by an external, independent IT security company. The analysis covers both applications and infrastructure associated with the portal. The aim is to detect potential vulnerabilities and weaknesses that could be exploited by a potential hacker attack, and to rectify any potential weaknesses as quickly and efficiently as possible.
Admincontrol is one of the most professional and security-minded software companies that Encripto has worked with, since we started in 2010. They keep impressing us with their high security level. Outstanding!Juan J. Güelfo Lead IT Security Consultant at Encripto