Protect your business with a platform built with security in mind
Secure your users, data, and solutions with enterprise-grade security features
Robust identity management ensures only the right users have access to your solutions
Use industry-standard IDM technology and best practices to meet stringent enterprise requirements.
Multi-factor authentication
Use multi-factor authentication and Lightweight Directory Access Protocol (LDAP) for user validation.
Single Sign On (SSO)
Implement Single Sign-On (SSO) or more complex federated authentication. Liferay DXP supports integration with any SAML 2.0 compliant Identity Provider by serving as a SAML 2.0 Service Provider. Additionally, Liferay DXP supports other authentication protocols such as OpenID, Kerberos, CAS, and OpenIM, providing flexibility to integrate with various identity management systems.
Roles and Permissions
Protect your users’ data and meet global data regulations.
To support data regulations, such as GDPR, Liferay DXP provides features to anonymize user personal data and export user personal data.
Restrict Access
Restrict access to Personally Identifiable Information (PII). No unauthorized user should be able to edit the permissions framework.
Delete Personal Data
Easily delete or deactivate personal accounts and data with out-of-the-box features.
Sanitize User Data
Remove the ability (even for administrators) to know the identity of users whose personal data was erased or anonymized.
Secure web services with a
multi-layered approach to security
Liferay DXP relies on several layers of security measures to protect Liferay’s web services.
IP Permission Layer
The IP address from which a web service invocation request originates must be white-listed in the Liferay DXP server’s portal configuration.
Authentication Verification Layer
The authentication verification layer serves to validate provided credentials and to create portal authorization contexts for Service Access Policies, OAuth 2.0 Resource Server access checks and user permissions layer.
Service Access Policy Layer
Service access policies allow the portal administrator to whitelist web service endpoints available to remote clients.
Launch even more securely on the cloud
Have your data security handled by a vendor that will ensure every part of your infrastructure is compliant and secure.
Partnership with Google Cloud
Our PaaS and SaaS offerings are backed by Google Cloud. Customers get to take advantage of Google Cloud’s world-class secure infrastructure and technology.
Cloud Security Assurance
Liferay SaaS includes ML-powered DDoS prevention to thwart cyber-terrorists. And both Liferay SaaS and PaaS provide self-healing, high availability, and automated disaster recovery, to make your solution as resilient as possible.
Regular Updates & Security
Ensure your platform has the latest bug fixes, feature updates, and security protection in place with regular release cycles. With Liferay SaaS, we will take care of all updates and patches for you.
Security You Can Trust
We've placed security, compliance, and data protection at the core of our products, offerings, and operations so that you can keep your business running securely.
Certifications
Liferay is certified in ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, and many more.
Trusted Globally
Liferay is used globally and complies with some of the most stringent data regulations in the world, like GDPR, and ensures data sovereignty compliance.
Fit for Industry Needs
For over two decades, Liferay has provided secure solutions to industries where security is paramount, like finance, government, and healthcare.