Our solutions and frameworks are certified for use on US Air Force networks NIPRNET and SIPRNET
Application Layer and User Level Security ensures optimum security for Hosted and Onsite Installations
End User Security enables granular access to just the functions and data each user needs


The US Air Force granted certification in January 2018 for all xAssets Version 7.1-x products to be used on the two main US air force networks - NIPRNET and SIPRNET. This means the product is written to the highest standards and specifications and has passed stringent tests covering all aspects of software security in a web based environment.

The testing covers SIPRNET and NIPRNET meaning that the products can be used in highly sensitive environments. Since we started hosting in 2003 we have served solutions to military forces and suppliers in the USA and the UK, and in that time we have never had a service outage of any kind.

This means that the products are safe to use in web environments and best practises have been deployed. xAssets goes beyond these standards, so for example the product requires high encryption SSL to function, thus disallowing low security communication protocols.

xAssets Applications are secured using a combination of Sql Server, IIS and NTFS security options. Windows Authentication and Database Authentication are supported at the IIS and Sql Server level. This enables full access to an entire domain for self service or granular access based on the Active Directory Grouping of a User.

Security can also be an issue for Discovery processes. Hosted implementations (and Onsite Implementations) can use one or more local Collection Servers, placed at strategic network points, to facilitate the discovery of local assets using a specific set of credentials.

Browser security is maintained through the use of a sophisticated inter process communication mechanism, enabling security information to be stored against a browser without requiring an encryption of the username or password, since these items are only stored within the server domain or the sql server authentication mechanism. So no passwords are stored in the database and passwords are only sent across the internet in the case of hosted logons running under strong encryption with https/SSL.

Cloud Security

Our cloud platform is highly secured to STIG requirements. See the Hosted Infrastructure page for details.

Data Security

Data Security for hosted implementations is covered through a comprehensive Backup and Disaster Recovery Plan, which includes backup to multiple geographically distinct sites. Server failover is implemented for all enterprise installations.

Onsite implementations take care of their own backup and Disaster Recovery provisions. xAssets Engineers will help guide customers through the implementation of an effective strategy as part of the deployment process.

All solutions have the option to restrict data for specific user groups. See below.

User Security

User Security is implemented through the user of User Groups. Each group has specific permissions, and can have its own dashboards, menus, queries and reports. Each user group can also have restricted access to data. A query can be imposed on top of any user profile, limiting each users access to data records to just the results of that query, and that can include Sql "Where Clause" conditions.

This enables users to be restricted to just the data records they need.

Self Service profiles can also be implemented within xAssets Applications. This allows end users access to request assets, create and manage their own help desk calls, and manage their own assets, tasks, purchase orders, approvals, maintenance processes and other processes configured to the customers requirements.

Audit Information

The business rules within the xAssets application implement audit history recording as follows:

  • Every change to an asset record is recorded in a history table
  • Full asset history can be viewed from the Audit Information tab in the Asset Entry Screen
  • History tables can be used in Historical Reporting such as the IMACS reports
  • Changes to reference data records record data modified and user modified, on each database table

Configuration Options

To learn more about the functions and features available to IT Asset Management, Cloud Asset Management, Fixed Asset Management and Enterprise Asset Management customers, Click Here

© xAssets 2023 All rights reserved.