Difference between revisions of "Whistleblower"

From TempusServa wiki
Jump to navigation Jump to search
old>Jno
old>Jno
Line 1: Line 1:
== Application ==
== Application ==
LES Whistlebloaer Portal is fully managed by Tempus Serva Aps.
The LES Whistlebloaer Portal is fully managed by Tempus Serva Aps.


The system supports the following roles and usecases
The system supports the following roles and usecases

Revision as of 09:50, 16 September 2021

Application

The LES Whistlebloaer Portal is fully managed by Tempus Serva Aps.

The system supports the following roles and usecases

  • Lawyer: Handles whistleblower cases
  • Tenant user: Handles whistleblower cases
  • Whistleblower: Anonoumous users that creates new cases

Whistleblower have the option to return to their case using a randomized code.

Hosting setup

The hosting is located at Amazon Webservices Stockholm data center.

The server utilizes the following supported services

  • SSL certificates are automatically updated monthly from LetEncrypt
  • UptimeRobot polls the server each minute checking
    • Access to database
    • Sufficient storage and RAM
  • Database is dumped nightly
    • Replicated to encrypted storage in EU
    • Rentention daily 60 days, monthly 2 years
  • Office365 SMTP service for sending emails

Security setup

The following security and compliance features are active

  • Password policies
  • Multifactor authentication (SMS)
  • Storage encryption (AWS + LUKS)
  • Transport encryption
  • Activity and data logging
  • Versioning
  • GDPR deletion policies (60 days)
  • Event and system logging

Note that request logging has been deliberately disabled, in order to secure anonomity of the users.