No! All customer data is encrypted at the database level. Due to this encryption, customer data cannot be viewed, read, or interpreted in its stored form by any individual, including Cetbix employees. Without the corresponding decryption keys—access to which is strictly controlled and not available to employees—the data remains unintelligible.
Cetbix employees do not have credentials that permit access to customer accounts and are strictly prohibited from accessing, retrieving, or viewing customer data except where explicitly authorized in writing by the customer for approved support or operational purposes. Any such access is limited in scope, granted only on a need-to-know basis, and subject to a valid nondisclosure agreement signed by the relevant employee. All authorized access is restricted to the minimum necessary level required to perform the requested services and is fully logged, continuously monitored, and periodically audited by independent reviewers to ensure accountability, security, and compliance with applicable legal, contractual, and regulatory obligations.
Yes. Cetbix supports Single Sign‑On (SSO) to allow your users to authenticate through your organisation’s identity provider (for example, Microsoft Entra ID / Azure AD, Google or other SAML‑based Identity Providers) instead of managing separate Cetbix usernames and passwords.
SSO simplifies user access, enforces your corporate authentication and password policies, and helps reduce the risk of weak or reused credentials. If your organisation requests it, Cetbix can configure SSO for your instance and document the integration steps and supported protocols (typically SAML‑based SSO or equivalent standards).
Access is strictly role-based and follows least-privilege principles. Access is granted only to authorized personnel and reviewed regularly.
Cetbix supports SAML 2.0 as the core SAML protocol for Single Sign‑On integrations. This is the current industry standard for federated authentication and is compatible with most modern Identity Providers, such as Microsoft Entra ID (Azure AD), Okta, OneLogin, and similar platforms.
Within SAML 2.0, Cetbix typically uses:
- SP‑initiated and IdP‑initiated login flows, so users can start from either your corporate login portal or the Cetbix sign‑in page.
- HTTP‑Redirect and HTTP‑POST bindings for SAML requests and responses.
- Metadata‑based integration (XML metadata file) to exchange certificates, endpoints, and entity identifiers with your Identity Provider.