Application Security

Key Features

Role-Level Access and Idle Disconnect

• Role-based access control ensures users can only use data and application functionality that is related to their responsibilities
• NetSuite automatically locks the application when idle connections are detected to prevent unauthorized access
• A complete audit trail ensures changes to every transaction are tracked with user login details and a timestamp.

Strong 256-Bit Encryption

• NetSuite provides 256-bit TLS encryption for user login and all subsequent data the same level of encryption used by online banks

Application-Only Access

• NetSuite ensures users can only access the application, not the underlying database

IP Address Restrictions

• IP address restrictions further minimize access to a user’s account
• Easily configure to ensure only specific computers and/or locations can access NetSuite.

Strong Password Policies

• NetSuite provides fine-grained password configuration options—from minimum password length and complexity to timeframe-based password expiration
• Supports password policies to ensure that new passwords vary from prior passwords
• Provides complexity rules to ensure passwords have a combination of numbers, letters and special characters
• NetSuite accounts are automatically locked out after unsuccessful login attempts
• For additional access control, NetSuite optionally supports multifactor authentication using a simple physical token to further minimize unauthorized access.

Protect Against Phishing

Users of online services are often targets of cybercrimes and security threats, including fraudulent “phishing” emails that attempt to lure people into supplying personal or company information such as credit card numbers, user login identities and passwords, financial account details and Social Security numbers.

Report Security Concern

Forward any suspicious email that uses NetSuite’s name to: security@netsuite.com