Security Measures
We have spent a lot of time, resources and researches to safeguard all data stored in the System.
Security measures against external threats:
1. All databases and files are located in VPN of Amazon Web Services and there is no any direct access to them.
2. Application is installed as a docker image on multiple internal servers and access to the application is regulated by load balancer.
3. Strict Amazon access rules are applied to route the traffic between Users and Application.
4. Automatically renewable SSL certificates are used to secure traffic between Users and Application to prevent Man-in-the-middle attacks.
5. Standalone Database servers can be access only from Application Servers.
6. Password re-try threshold is used to immediately block intruders IP to prevent Brut-force attacks.
7. Whitelist IP is used to access the Application.
8. No public user registration.
9. No password recovery via email or SMS. Only by Admin.
10. 2-factor Authentication is available via Google Authenticator.
11. Every login is notified to Admin via email.
12. CSRF tokes are used on saving data to prevent Injection attacks.
13. Load balancer is guarding the Application from DDoS attacks.
Security measures against internal threats:
1. All users clicks are registered. It helps case investigations..
2. Administrator receivers SMS alarm if users tries to test the system for breaches or gain higher level access.
3. 20 minutes of inactivity will log-off a user.
4. Every record in the System has trailing changes log.
5. All input data are sanitises against SQL injections, Cross-Site scripts and Path-traversal attacks.
Security measures against technical threats:
1. Database is baked up to another cloud storage on daily basis and can be restored in 2-3 minutes on the fresh server.
2. Application servers are automatically installed via Ansible Scripts in Docker Images. The minimum quantity of live application servers is two and they are automatically re-spawned in case of failure and automatically scaled-up in case of increased load on resources.
3. System administrator receives daily report of hardware infrastructure and application state.
4. System administrator receives alerts from cloud provider in case of faults or emergencies.
5. System administrator is monitoring the infrastructure via Amazon Reporting tools.
1. All databases and files are located in VPN of Amazon Web Services and there is no any direct access to them.
2. Application is installed as a docker image on multiple internal servers and access to the application is regulated by load balancer.
3. Strict Amazon access rules are applied to route the traffic between Users and Application.
4. Automatically renewable SSL certificates are used to secure traffic between Users and Application to prevent Man-in-the-middle attacks.
5. Standalone Database servers can be access only from Application Servers.
6. Password re-try threshold is used to immediately block intruders IP to prevent Brut-force attacks.
7. Whitelist IP is used to access the Application.
8. No public user registration.
9. No password recovery via email or SMS. Only by Admin.
10. 2-factor Authentication is available via Google Authenticator.
11. Every login is notified to Admin via email.
12. CSRF tokes are used on saving data to prevent Injection attacks.
13. Load balancer is guarding the Application from DDoS attacks.
Security measures against internal threats:
1. All users clicks are registered. It helps case investigations..
2. Administrator receivers SMS alarm if users tries to test the system for breaches or gain higher level access.
3. 20 minutes of inactivity will log-off a user.
4. Every record in the System has trailing changes log.
5. All input data are sanitises against SQL injections, Cross-Site scripts and Path-traversal attacks.
Security measures against technical threats:
1. Database is baked up to another cloud storage on daily basis and can be restored in 2-3 minutes on the fresh server.
2. Application servers are automatically installed via Ansible Scripts in Docker Images. The minimum quantity of live application servers is two and they are automatically re-spawned in case of failure and automatically scaled-up in case of increased load on resources.
3. System administrator receives daily report of hardware infrastructure and application state.
4. System administrator receives alerts from cloud provider in case of faults or emergencies.
5. System administrator is monitoring the infrastructure via Amazon Reporting tools.
There is no any other application on the market with such full set of useful features!
We are open for suggestions to improve the Finsola Information Management System.
We are open for suggestions to improve the Finsola Information Management System.