Difference between revisions of "Whistleblower"

From TempusServa wiki
Jump to navigation Jump to search
Line 15: Line 15:
* Password policies
* Password policies
* Multifactor authentication (SMS)
* Multifactor authentication (SMS)
* Request throttling
* Storage encryption (AWS + LUKS)
* Storage encryption (AWS + LUKS)
* Transport encryption  
* Transport encryption  

Revision as of 08:53, 16 September 2021

Hosting setup

The hosting is located at Amazon Webservices Stockholm data center.

The server utilizes the following supported services

  • SSL certificates are automatically updated monthly from LetEncrypt
  • UptimeRobot polls the server each minute checking
    • Access to database
    • Sufficient storage and RAM
  • Database is dumped nightly
    • Replicated to encrypted storage in EU
    • Rentention daily 60 days, monthly 2 years

Security setup

The following security and compliance features are active

  • Password policies
  • Multifactor authentication (SMS)
  • Storage encryption (AWS + LUKS)
  • Transport encryption
  • Activity and data logging
  • Versioning
  • GDPR deletion policies (90 days)
  • Event and system logging

Note that request logging have been disabled actively, in order to secure anonomity of the users