HomeServicesTechnologyAnalyticsOur ClientsAbout PCAContact Us

Web Client Security/Smart Client Security

Many of our Clients’ custom applications involve management of highly sensitive, proprietary business data e.g. financial records, patient records, legal contracts, transaction data, etc.  The Smart Client platform is built to enable a trusted Client-Server connection over the Internet, and can be readily configured to support the most rigorous data security requirements.
Secure data storage, fully-encrypted data transfer payload, and privileged-based access to the application at the feature-, data-, and reporting-levels are essential considerations for securing proprietary business data and meeting your internal and external security requirements.  For example, the Smart Client architecture (based upon Microsoft SQL Server and the .NET Framework) supports HIPAA standards for electronic information storage, encryption, transfer and processing of patient-sensitive healthcare and patient data.
Smart Client Security Diagram

Role-based User Privileges

All Smart Client applications use a standard, Admin-managed role-based security framework for determining who gets access to what, at the application feature-, data-, and reporting-levels. Security settings are stored in the SQL Server database, and Administrators can readily assign and manage different application use-privileges to different roles within and/or outside the organization.  Admin changes to privilege settings are automatically inherited by all Users who are members of a particular role.

Secure Data Transport Layer using SSL, HTTPs

Smart Client applications connect to a SQL Server database through the standard Ports 80 and 443.  Port 443 is used with secure encrypted SSL for data where high security compliance is mandated.  All data packets transmitted between the database and the application are compressed into binary format, hence unintelligible to any intrusion attempt that may inadvertently (or purposefully) be exposed to one or more data packets.  Smart Client applications function and perform very well in standard HTTP, HTTPS, SSL, VPN and Digital Certificate environments.

SQL Server Encryption

Server-based database security and management is a core consideration within secure business application environments.  MS SQL Server fully complies with technical requirements for server-side data storage.  Individual Database data elements can be stored, tracked and secured and audited in any variety of methods supported by SQL Server.

Session-based User Data Caching

Once application data is delivered from SQL Server through a secure transfer process, the Smart Client application architecture provides considerable power and flexibility for protecting data on a Users’ local PC.  Specific data is received from the SQL Server for various user-related needs; data input, refinement, and reporting for example.  During a session, a secure connection is maintained between the Server and Client application, and application data only exists on the User's PC during the active session. Once a User logs-out (or after a pre-determined time of inactivity), all the application data can be removed from the User's PC. Smart Clients can be configured so that NO DATA RESIDES ON THE CLIENT PC.

SQL Server Usage Monitoring & Audit Trail

PCA Smart Client applications also provide for ongoing monitoring, tracking and reporting of application usage.  Administrators know precisely WHO, WHEN and HOW OFTEN every authorized user accesses a Smart Client application.  PCA Smart Clients provide administrators with a full 360-degree view over and control and monitoring of application security.  A complete Audit Trail is a standard capability of Smart Client applications.
Learn more about the unique capabilities and flexible hosting and deployment options of the Smart Client platform, or see the relative cost & benefits of the Smart Client platform vs. browser (website)-based applications.