OWLS is only accessible via an SSL (secure) connection in a browser. This uses a 2048 bit key with SHA256 hashing algorithm to communicate.
All user’s rights are replicated on the database. This means the same security rights are enforced by OWLS and by the database layer, ensuring 2 layers of security, should one be compromised.
OWLS has further security rights such as:
- A user can belong to multiple roles
- Certain roles can only see certain tasks
- Within claim approval, certain roles can only approve certain benefits up to certain amounts
- Within policy capture, certain roles can only capture up to a certain sum insured
- Within payment approvals, certain roles can only approve up to certain values
OWLS also has automated daily offsite backups.
EOH and SensePost have performed penetration tests on the OWLS system to no avail.