Startup FAQ
Data handling
Storage and backup
You can choose between
- On premisis (your location)
- Cloud hosting
Cloud hosting will be handled on AWS datacentres in either Ireland or Sweden.
Backup is done to segregated triple redundant storage
- Daily for at least a month
- Monthly for at least 2 years
Access and ownership
Data in the systems belongs to exclusively to the customer.
TS support will in some cases need to access data under non-disclosure obligations.
GDPR compliance and retention
The platform contains everything needed for GDPR compliance in you systems.
Using workflow automation automatic deletion or annoumization can be set up: This should be configured in accordance with your retention and privacy policy.
A data processing agreement will be issued to your organization automatically,
Security
Authentication
Authentication is based on username/password.
Optionally 2-factor authentication can be set up using af mix of
- SMS sent to phone
- IP address of callers
Single signon integration is included for
- ADFS
- LDAP (and AD)
- Google, Azure, Facebook, LinkedIn
Authorization
User permissions are granted via inheritable group membership
Authorization schemes
- Field level control
- State model
- Data ownership
Additionally special roles can be assigned
- Administrator (backend)
- Bulk operations
Encryption
Transport encryption is based on SSL via HTTPS policies
Storage encryption is best handled via operating system measures
- Linux: LUKS
- Windows: Bitlocker
Password are hashed using BCrypt algorithm.
Protection
Platform complies with all requirements in OWASP level 2
- Hacking: SQL injection, XSS, CSRF
- Password policies
Requirements
Languages
Frontend can run multiple languages simultanously.
Some frontend languages are preconfigured
- English
- Danish
Backend language is english
User clients
A modern browser is needed
- Chrome
- Mozilla firefox
- Microsoft edge
To use certain features an office suite will be needed (any version later than 2010)
Servers (option)
On premesis installations will need
- Java 7+
- MySQL 5+
- Servlet engine
Licenses
Anonoumous users
Anonoumous users are paid for per interface: All users using a specific interface is counted as a single user license (1 SUL).
Light users
Some users will only cost a fraction of a normal user license (SUL)
- Only read access
- Infrequent users
- Simple solutions