As announced, I activated the client portal for my clients over the weekend and it is now running stably in test mode.
The first tests of the client portal are successful. I have tested many solutions and have decided to go with something that runs 100% on-premise, rather than just on my servers.
Especially for a portal for sensitive client data, I think it is important that the data and content is only stored on servers controlled by me.
The portal provides a separate area for clients to
- send me files in a structured way
- Files that I send to receive securely
- Appointments to be made.
- Make comments on groups of files
and
- Share files with third parties.
Clients can also give employees or other authorized persons access to the portal without having to share their own access data.
The portal also offers a way to map projects, so I can better map things like startups, larger contracts, or permanent mandates. Other persons, such as tax advisors, can also be included in each project and will then only have access to the content intended for this person.
As a logged in user, you can also send me structured messages and track them in the long run. If things need to move quickly, there is a live chat, including the option of an audio or video chat without additional software.
Since there will be a lot of confidential files and information stored in the client portal, I have built in additional security along with regular backups.
Automated password guessing attacks are one of the most successful attacks on websites. And even if simple passwords are not allowed in the client portal, there is a certain risk that the person who knows the password is not the one who wants to log in. Modern technology allows attackers to guess user credentials within minutes. And even the most complicated password can be lost or accidentally given to an unauthorized person.
Every user of the client portal is therefore obliged to create a second factor within the first three days and then use it when logging in.
In addition to a security code via email, Google Authenticator, Authy, FreeOTP, Duo Security and several other 2FA services can also be used.
More features will be added in the coming weeks and months. Feedback is of course always interesting for me.
The client portal can be found under this link.