Franklin is hosted within a dedicated UK environment and links out to external systems you host via secure connections encrypted with SSL.
The Franklin API, UI and CMS are built on .NET Core – an open source software framework developed by Microsoft and used in millions of software applications since it’s launch in 2002.
The Franklin CMS is built on .NET Framework. Passwords for CMS and Frontend Membership are hashed with HMACSHA256 / 128bit salt encryption. Accounts will be locked after 10 incorrect login attempts and sessions will timeout after 20 minutes of inactivity.
The Franklin API sits between the Franklin UI and CMS used by both subscribers and tenants and the housing systems connected to Franklin via connectors. We use this to transfer data from your housing systems to the tenant facing front end using REST API standards.
oAuth is an industry standard authorisation protocol used by major technology companies like Amazon, Facebook, Microsoft, Google and Twitter. oAuth provides secure, delegated access between the Franklin portal, API and your third party systems linked via connectors without sharing credentials.
Franklin’s is hosted entirely in a Microsoft Azure environment. We use UK-based Azure VMs for the Franklin API,
The entire Franklin system runs on HTTPS, facilitated by Comodo 2,048 bit Industry Standard SSL certificates which provide 128/256 bit encryption of data as it passes through the API and up to the web browser to be accessed by tenants.
Franklin stores the minimum data required to allow the system to function. For every tenant who registers, the following personal data is stored within the CMS database:
Membership information cannot be exported from the CMS but members can be deleted, which purges their record entirely from the database.
It’s possible to limit which CMS users can see the membership section too, for security purposes. The Franklin team have an administrator account which would grant access to this section, but access to that account is strictly limited and audited.
When you import the data via the CSV tool, your data is added to an Azure SQL Database until you re-upload the data – at which point the previously uploaded data is overwritten.
If you’re using Franklin with an integration into one or more of your internal housing systems, the data transmitted via the integration is temporarily cached in memory but not stored or retained within the Franklin environment. In short – the more of your data accessed via an integration, the less is stored within Franklin’s Azure SQL databases.