Find out how Expansive FM keeps your team safe. Includes details of Single Sign On (SSO) options
Authentication Options
We support multiple methods of authentication:
- e-mail/password authentication
- username/password authentication
- email/password with secondary one-time-password authentication username/password with secondary one-time-password authentication OAuth 2.0 based authentication
We can support Single Sign On (SSO) with SAML protocols (more info)
We can support Single Sign On (SSO) with OIDC protocols (more info)
We have experience in supporting a range of SSO providers:
- Microsoft Entra ID (formerly Azure AD) Microsoft AD FS
- Okta
- Auth0
- PingOne
- OpenID Connect
Roles-based Access Controls
Use of Expansive FM is controlled through role-based access. We use granular permissions to configure roles to meet your needs.
Physical Security
Expansive work with a number of trusted cloud hosting partners. We used multiple providers to support redundant service provision. We leverage the data-centres and facilities of these partners to ensure physical security and integrity of all data entrusted to us.
Our partners are:
- Digital Ocean: Information on their controls: Details here
- AWS: Information on their controls: Details here
- iomart: We use the York data centre: Details here
Encryption
We leverage encryption to protect your data while at rest (LUKS) and in transit (AES256, TLS 1.2 or higher)