Difference between revisions of "Startup FAQ"

Data handling

Storage and backup

You can choose between

• On premisis (your location)
• Cloud hosting

Cloud hosting will be handled on AWS datacentres in either Ireland or Sweden.

Backup is done to segregated triple redundant storage

• Daily for at least a month
• Monthly for at least 2 years

Legal and ownership

All data in the systems belongs to exclusively to the signing part.

GDPR compliance and retention

The platform contains everything needed for GDPR compliance in you systems.

Using workflow automation automatic deletion or annoumization can be set up: This should be configured in accordance with your retention and privacy policy.

A data processing agreement will be issued to your organization automatically,

Security

Authentication

Authentication is based on username/password.

Optionally 2-factor authentication can be set up using af mix of

• SMS sent to phone
• IP address of callers

Single signon integration is included for

• ADFS
• LDAP (and AD)
• Google, Azure, Facebook, LinkedIn

Encryption

Transport encryption is based on SSL via HTTPS policies

Storage encryption is best handled via operating system measures

• Linux: LUKS
• Windows: Bitlocker

Password are hashed using BCrypt algorithm.