- direct traffic through VPN (Virtual Private Network) - requires VPN reconfiguration on both sides, - block access to the domain and allow access from a particular IP address (specific IP addresses or a range of addresses) - configuration required on Verestro side, - free access for everyone, who have an account in Admin Portal (no matter if VPN configuration or IP address are set.

1. Building and maintaining network security - the need to build and maintain a firewall configuration that protects cardholder data, not using manufacturers' default passwords and settings. 2. Protecting cardholder data - protecting stored cardholder data, encrypting data transmissions when using public networks. 3. Maintaining a payment management program - using regularly updated anti-virus systems, developing secure systems and applications. 4. Implementing strong access control methods - limiting access to cardholder data to only those with a business need, assigning each user a unique ID, limiting physical access to cardholder data. 5. Regular network monitoring and testing - testing security systems and processes, controlling access to network resources and cardholder data. 6. Maintaining information security policies - relying on security policies for employees and vendors.

Name of status	Description
Inactive	The inactive status means that the operator account was created with the is\_active=false flag. No invitation has been sent to the system. This is an optional status.
Invited	The invited status means that the invitation to the system (password setting link) has been sent to the operator. This is possible in two cases: 1. the account was created with the flag is\_active=true. 2. the account was created with the flag is\_active=false and then activated.
Active	The active status means that the operator has properly completed the registration and activation process, i.e. has created a password to the portal (using the link with the invitation or the resetPassword procedure if the link has expired). In this status the access to the portal is possible - it is the only status that allows a proper login.
Locked	The locked status clearly indicates that the operator has been locked by another operator. This status can be applied to all statuses except deleted. From locked status operator can return to his previous status. Moreover, if an operator with status invited has been moved to locked status and in the meantime has completed registration, then after removing the lock it will have active status - not invited as it was before the lock.
Deleted	The deleted status means that the portal operator has been irreversibly removed from the system. It is not possible to restore an operator account from this status.

Name	Description
Operator	User using the Portal regardless of role or level of rights.
Session token	Access to the system by a web application user is secured using a session token to uniquely associate the session with the user. It is required to perform any action.

Action	Description	Accessibility time
Reset password	Validity of link to reset password.	60 minutes
Create an account	Validity of link to first login to Admin Panel.	60 minutes
Login to the panel	Validity of code (4 numbers) to login.	10 minutes
User session	Session after successful login to the panel.	15 minutes
User lock	Time of lock due to incorrect password.	max 24h (until midnight next day)
Registration link	Validity of invitation link.	60 minutes

Aggregate area	Action	Admin	Manager	Employee
Portal management - Operators	View	x	x	-
	Create	x	x	-
	Edit	x	x	-
	Delete	x	x	-
	Lock	x	x	-
	Unlock	x	x	-

Parameter	Description
Group	Group determines the access level.
E-mail	Admin e-mail address.
First name	Admin first name.
Last name	Admin last name.
Status	Admin status (described in admin statuses part).
Actions	Action which can be performed on particular admin (described in admin actions part).

Process	Topic	Details	Comment
Invitation to the system	Set password to administration panel.	Hello! You are receiving this e-mail because an account was created for you, and you need to set a new password. <button to set password> Regards, < NameOfClient >	Standard email sent when portal operator added new operator.
Login process	Login code.	Hello! Your login code: <code> Regards, < NameOfClient >	Standard AP email sent when portal operator entered correct email and password.
Reset password	Reset password to administration panel.	Hello! You are receiving this mail because someone initialized password reset for your account. If it was not you, you can ignore this mail. <button to reset password> Regards, <NameOfClient>	Standard Admin Panel email sent when portal operator uses "reset password" button on login page.
Additional password policy	Password expiration reminder.	Hello! Your password will expire in <NumerOfDays> days. Please change your password to avoid losing access to the portal. Regards, <NameOfClient>	Related to additional policy to force password changes.
Inactive account policy	Inactive account reminder.	Hello! Due to inactivity your account will be blocked in <NumerOfDays> days. Please log into the portal to avoid losing access to the portal. Regards, <NameOfClient>	Related to the additional policy of automatically deactivating unused accounts.