Multi-factor Authentication
The G-REX built-in authentication and authorization use Azure Active Directory (AAD) including Multi-factor Authentication. After authentication, the AAD issues a token that the user uses to access the services regardless of whether by using an interfacing website, APIs directly, or via an external system. Multi-Factor Authentication is required when logging in and could be required as a confirmation in other cases as well.
Multi-factor Authentication
The G-REX built-in authentication and authorization use Azure Active Directory (AAD) including Multi-factor Authentication. After authentication, the AAD issues a token that the user uses to access the services regardless of whether by using an interfacing website, APIs directly, or via an external system. Multi-Factor Authentication is required when logging in and could be required as a confirmation in other cases as well.
Single Sign-on
With the Azure Active Directory (AAD) authentication and authorization, the existing company accounts can be granted access to G-REX as well. When one logs in to their machine or Office 365 applications with Azure AD, the same single sign-on can be used by G-REX as well. The Single sign-on makes the office work secure while hassle-free. G-REX supports AAD natively but can also be easily integrated with third party authentication and signing services.
User Lifecycle Management
G-REX can rely on an existing corporate Azure Active Directory (AAD) and AD Federation. Companies’ security policies and user lifecycle management is hence automatically adhered by G-REX.
User Lifecycle Management
G-REX can rely on an existing corporate Azure Active Directory (AAD) and AD Federation. Companies’ security policies and user lifecycle management is hence automatically adhered by G-REX.
OWASP ASVS Level 2
G-REX is compliant with OWASP Application Security Verification Standard Level 2. G-REX is continuously tested against security vulnerabilities and development is actively integrating industry best practices. To ensure security we test it automatically every day.
ISO 27001
Grexel, all datacenters and development partners are certified with ISO 27001. The certified and tested business continuity and disaster recovery plans address even worst-case scenarios, such as Datacenter, Grexel offices or key person sudden and permanent loss.
ISO 27001
Grexel, all datacenters and development partners are certified with ISO 27001. The certified and tested business continuity and disaster recovery plans address even worst-case scenarios, such as Datacenter, Grexel offices or key person sudden and permanent loss.
GDPR
Within all Grexel and G-REX operations General Data Protection Regulation (EU GDPR) compliance is upheld. The GDPR compliance in G-REX case means access to any personal data is limited to need to know basis, no personal data ever travels or is accessed outside of the EU (unless separately agreed differently), the user consent is gathered and recorded and there is support for Right-to-be-forgotten and Right-to-be-informed.
Book a G-REX demo to learn more!
Grexel is the leading energy certificate registry provider in Europe headquartered in Helsinki with an annual transaction volume of over one billion MWhs. The registries are used by over ten thousand active account holders in 15 countries. As part of EEX Group, Grexel also helps its customers to design new certification schemes and cope with changing requirements set by international legislation and standards.
Contact
Grexel Systems ltd.
Lautatarhankatu 6
FI-00580 HELSINKI
FINLAND
Tel +358 9 4241 3160
info(at)grexel.com
Customer Support
Submit support request via support portal
or via email: support(at)grexel.com
