Startup FAQ

From TempusServa wiki
Revision as of 10:11, 19 February 2020 by old>Admin (→‎Legal and ownership)
Jump to navigation Jump to search

Data handling

Storage and backup

You can choose between

  • On premisis (your location)
  • Cloud hosting

Cloud hosting will be handled on AWS datacentres in either Ireland or Sweden.

Backup is done to segregated triple redundant storage

  • Daily for at least a month
  • Monthly for at least 2 years

Access and ownership

Data in the systems belongs to exclusively to the customer.

TS support will in some cases need to access data under non-disclosure obligations.

GDPR compliance and retention

The platform contains everything needed for GDPR compliance in you systems.

Using workflow automation automatic deletion or annoumization can be set up: This should be configured in accordance with your retention and privacy policy.

A data processing agreement will be issued to your organization automatically,

Security

Authentication

Authentication is based on username/password.

Optionally 2-factor authentication can be set up using af mix of

  • SMS sent to phone
  • IP address of callers

Single signon integration is included for

  • ADFS
  • LDAP (and AD)
  • Google, Azure, Facebook, LinkedIn

Authorization

User permissions are granted via inheritable group membership

Authorization schemes

  • Field level control
  • State model
  • Data ownership

Additionally special roles can be assigned

  • Administrator (backend)
  • Bulk operations

Encryption

Transport encryption is based on SSL via HTTPS policies

Storage encryption is best handled via operating system measures

  • Linux: LUKS
  • Windows: Bitlocker

Password are hashed using BCrypt algorithm.

Protection

Platform complies with all requirements in OWASP level 2

  • Hacking: SQL injection, XSS, CSRF
  • Password policies

Requirements

Languages

Frontend can run multiple languages simultanously.

Some frontend languages are preconfigured

  • English
  • Danish

Backend language is english

User clients

A modern browser is needed

  • Chrome
  • Mozilla firefox
  • Microsoft edge

To use certain features an office suite will be needed (any version later than 2010)

Servers (option)

On premesis installations will need

  • Java 7+
  • MySQL 5+
  • Servlet engine

Licenses

Anonoumous users

Anonoumous users are paid for per interface: All users using a specific interface is counted as a single user license (1 SUL).

Light users

Some users will only cost a fraction of a normal user license (SUL)

  • Only read access
  • Infrequent users
  • Simple solutions