Sugar Security Keeps Your Data Safe
Sugar provides multiple levels of system security. When deployed on-demand, all information transferred to and from the system, either via a browser or mobile app, is encrypted.
Additionally, sophisticated password enforcement mechanism that allows administrators to set security configurations for password strength, password ageing, system generated passwords, and reCAPTCHA for password reset.
User sessions are automatically terminated (forced logout) if the IP address changes in the course of the session. This prevents hijacking of the user session. If a new user session is started from a different web browser logout is also forced to prevent multiple concurrent user sessions.
Tracker reports, allow the Sugar administrator, to track all IP addresses used by users.
LDAP or Active Directory and SAML are supported for single sign-on and for centralised management of passwords across multiple systems.
Different teams of users can be assigned different access permissions – right down to individual field levels. Only those who need to see or amend information can do so. Export can be prohibited. Information can be marked as private.