Difference between revisions of "Whistleblower"
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
== Hosting setup == | |||
The hosting is located at Amazon Webservices Stockholm data center. | |||
Supported services | |||
* SSL certificates are automatically updated monthly from LetEncrypts | |||
* UptimeRobot polls the server each minute checking | |||
** Access to database | |||
** Sufficient storage and RAM | |||
* Database is dumped nightly | |||
** Replicated to encrypted storage in EU | |||
** XXX | |||
== Security setup == | == Security setup == | ||
The following security and compliance features are active | The following security and compliance features are active | ||
| Line 4: | Line 16: | ||
* Multifactor authentication (SMS) | * Multifactor authentication (SMS) | ||
* Request throttling | * Request throttling | ||
* Storage encryption (LUKS) | * Storage encryption (AWS + LUKS) | ||
* Transport encryption | * Transport encryption | ||
* Activity and data logging | * Activity and data logging | ||
Revision as of 08:49, 16 September 2021
Hosting setup
The hosting is located at Amazon Webservices Stockholm data center.
Supported services
- SSL certificates are automatically updated monthly from LetEncrypts
- UptimeRobot polls the server each minute checking
- Access to database
- Sufficient storage and RAM
- Database is dumped nightly
- Replicated to encrypted storage in EU
- XXX
Security setup
The following security and compliance features are active
- Password policies
- Multifactor authentication (SMS)
- Request throttling
- Storage encryption (AWS + LUKS)
- Transport encryption
- Activity and data logging
- Versioning
- GDPR deletion policies (90 days)
- Event and system logging
Note that request logging have been disabled actively, in order to secure anonomity of the users