The next step in FlexWhere security: the PIN code

Security and privacy have always been FlexWhere’s points of departure. Naturally, we work with secure servers in the EU and only transmit data over secure connections. We have our own security officer, use TOTP for access to verified IP addresses, and our ISO certificates demonstrate how seriously we take security. It is now time for the next step: we are introducing the PIN code.

FlexWhere is readily accessible from employees’ mobile phones and tablets. This is in line with the BYOD (Bring Your Own Device) policy of many organisations. The app must therefore be user friendly and free of any privacy issues. That’s why you will never see an authorisation request when installing FlexWhere. We don’t download any GPS coordinates or contact details, nor do we need audio or video to make FlexWhere work properly.

Security and user-friendliness is always a delicate balancing act. On the one hand, we want to make the app as secure as possible. After all, the app is often used on devices that are owned or managed by employees. For example: What if such a device with access to data from all colleagues falls into the wrong hands? On the other hand, a PIN code is a further obstacle to using the app.

This is why we are leaving the PIN code option up to customers. Each company can then choose to enable the PIN for the entire organisation, or omit it for everyone. In order to burden the organisation as little as possible, a procedure has been built in to handle forgotten PINs .

Modern iPhones and Android devices offer apps the option of logging in with a fingerprint or facial scan. Since FlexWhere is continually moving with the times, especially in the realm of security, we are currently investigating whether we can also add these login options. We hope this will allow us to shift the balance even more towards user-friendliness, without compromising security or privacy.