One of the hottest topics in the South African tender environment is the Central Supplier Database (CSD). If you want to do business with the South African Government, you must be registered on the Central supplier Database. Once you start registering on the Central Supplier Database (CSD) it is noticeable how many security features there are. The database starts of by requesting you to supply a very high-level password. The password must inter alia contain capital letters, numbers as well as special characters. There are numerous other security features but the CSD website list the following seven features that address identity proofing:
- When registering on the CSD, not only is the email address confirmed but also a One Time Pin (OTP) sent as an SMS to the cell phone number provided when registering. This is called an ‘Out of Band’ method of adding an additional layer of identity proofing.
- When a new bank account is added or any existing bank accounts edited, an OTP will be sent to the supplier’s preferred contact as well as a notification e-mail informing the preferred contact that changes were made to the supplier’s banking information. Email notifications are also sent when changes are submitted. Both are implemented to endeavour to protect the supplier against malicious practices.
- The use of a CAPTHA functionality limit robots and crawlers to access certain areas of the CSD application.
- The CSD furthermore implemented role-based access control per user per supplier and thus only the supplier’s user(s) have access to the supplier information. The CSD does not have an administrative module and thus no single user can be a CSD administrator and access supplier information using the application.
- All passwords are encrypted on the CSD database. Any additional users the main user creates only have secondary privileges which means those additional users are not able to create other users which ensures that control remains with the main user.
- The communication channel between the CSD servers and the client’s browser implements SSL security which means the communication is encrypted and various other additional technical aspects have been implemented to limit other security breaches such as hacking.
- The Supplier Summary Registration report can only be accessed by other users if you decide to share both your supplier number and security code with them.
|To learn more about this and many other tender conditions attend our “Become a Tender Expert” 2-Day workshops and webinars. You can book online at https://howtotender.co.za/workshops/. Contact us at email@example.com should you require more information. Remember: We have various manuals and guides to assist you in the process of completing your tender documents.