Whistleblower

From TempusServa wiki

Revision as of 09:01, 16 September 2021 by 80.161.14.74 (talk) (→‎Application)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Application

The Whistleblower system is fully managed by Tempus Serva Aps.

The system supports the following roles and usecases

Lawyer: Handles whistleblower cases
Tenant user: Handles whistleblower cases
Whistleblower: Anonoumous users that creates new cases

Anonoumous users have the option to return to their case using a randomized code.

Hosting setup

The hosting is located at Amazon Webservices Stockholm data center.

The server utilizes the following supported services

SSL certificates are automatically updated monthly from LetEncrypt
UptimeRobot polls the server each minute checking
- Access to database
- Sufficient storage and RAM
Database is dumped nightly
- Replicated to encrypted storage in EU
- Rentention daily 60 days, monthly 2 years

Security setup

The following security and compliance features are active

Password policies
Multifactor authentication (SMS)
Storage encryption (AWS + LUKS)
Transport encryption
Activity and data logging
Versioning
GDPR deletion policies (90 days)
Event and system logging

Note that request logging have been disabled actively, in order to secure anonomity of the users

Retrieved from "https://wiki.tempusserva.dk/index.php?title=Whistleblower&oldid=5086"