Security considerations

As most organizations apply WorkZone Mobile (Legacy) to scenarios for documents of high security and confidentiality, it is very important to understand the level of security in the APP and the surrounding infrastructure.

• Authentication – WorkZone Mobile (Legacy) supports authentication using OAuth (Azure ADFS), NTLM (Windows Integrated), and Basic authentication. The recommended setup is either OAuth or NTLM depending on the network setup.
• Authorization – The WorkZone back-end ensures correct access to resources for the users that are logged in. See Security group rights.
• Network transport – HTTPS protocol is supported. It is recommended to use TLS 1.2. The highest level of TLS supported depends on the devices used in iOS the TLS version 1.2 for Android its TLS version 1.2.
• Data security – The WorkZone Mobile (Legacy) database and file storage is protected by the security on the device, both iOS and Android. Please refer to iOS Security guidelines and Android Security guidelines. It is important that a device runs with the correct security configuration enforced by a Mobile Device Management (MDM) system.
• Logging – All user actions are logged in the WorkZone Mobile (Legacy) back-end. See Use logs and deletion logs for more about the use logs and deletion logs in the WorkZone Operations Guide.
• Multifactor authentication - Multifactor authentication can be enabled in the MDM system.