- "The highest rated system within the test 2010 is PlagAware"
Test HTW Berlin, 2010
- "PlagAware was one of the best systems in the area of usability"
Test HTW Berlin, 2013
- "PlagAware identified more web sources than most of other systems
c't Test Plagiarism Search Services, 2011
Protection against Unauthorized Access
The documents and texts transferred to PlagAware are available exclusively through the authenticated user account of PlagAware and will not be disclosed to third parties. To protect your data and to assure data privacy, we have implemented a number of technical and organizational measures:
- Encryption of Data Transmission. The transfer of data between your device / your web browser and our servers is done using the encryption standard AES-256 (Advanced Enncryption Standard with 256-bit key length). The algorithm is approved in the USA for state documents with the highest secrecy level. This ensures that sensitive content such as user names, passwords and uploaded documents cannot by accessed during transmission.
- Regular Security Updates. The operating system and the software of our servers is regularly updated. This way it is ensured that any safety issues caused by identified vulnerabilities are corrected in a timely manner and cannot endanger the integrity of our servers.
- Intrusion Detection System. On our servers, we make use of a so-called Intrusion Detection System (IDS), which tracks irregularities in the daily operation and reports any issues to the administration team. These include unplanned changes in configuration files or other unauthorized file modifications.
- Network Firewall. The network firewall is blocking traffic from suspicious address ranges and ensures that only permitted connections (e.g. encrypted connections to the PlagAware WebServer) are established.
- Application Firewall The application firewall automatically monitors and verifies all transferred parameters for validity. This way, all requests leading to web server overloads or malicious activities are tracked and blocked.
- Automatic Blocking of Addresses. In case multiple unauthorized requests are detected within a period of time, the respective addresses are added permanently to a ban list. This way, we ensure that future access by these sources will be blocked without impacting system stability or performance.
- Parameter Vulnerability Assessments. Within the manual parameter vulnerability assessment, all transfer parameters and variables are classified in regards to valid contents and value ranges. The classification as well as the correct handling of not permitted values is reviewed and captured in an assessment report.
Physical Access, Hosting and Server Security
PlagAware's databases and web servers are hosted by Hetzner Online GmbH in Gunzenhausen, Germany. The physical security, network security and system security is ensured by technical and organizational measures in accordance with the current state of technology. These include, for example, the video monitoring of server rooms, logging of hardware accesses, redundant connections to the network and centralized backup servers.