Home > struktur > English > security_issues > Security and saving data

Security and saving data
 
factline made arrangements to assure data to be stored confidentially and that persons have no access to data they are not permitted for. Please extract an overview of the marrow regulations referring to data security from the “Affix factline data security”.
    1. Data security in the ASP-model

      A few concrete notes to the handling on the ASP-server:

      1. Backup frequency: Every 24 hours a backup will be made from all data on the ASP-server and will then be available for 7 days. Concretely, a dump will be taken from the database and the files will be synchronised with 2 directories.

      2. The backup-data will be copied physically from the backup-server to another server every 24 hours. These data will be available for 7 days too.

      3. Extended reliability: The server uses RAID 1 (which means that two hard discs contain exactly the same data – in the case one drops out, the other hard disc assumes the operations automatically).

    2. Data security on server solutions

      Basically it is possible to stage a server similarly as it was on the ASP-model. That ensures at least the same standards. Occasionally it is possible to take exceeding measures.

      Conceivable extensions could be

      1. Backups more frequently on the local server: The data on the ASP-server will be saved once every 24 hours on a different server at the same host (Hetzner). On demand the backup rate could be reduced. But it needs to be kept in mind that this has an impact on the amount of days which backups are available.

      2. Longer preservation of backup-copies: Before they will be overrode again the complete backups will be kept for 7 days on the ASP-server. If once detects a loss of data on day 8, it is not possible to reset the data. (But that is, as far as our experience goes, unlikely.)

      3. WORM storage: Optionally it would be conceivable to transcend all generated data (facts and log-data) to another place once every 24 hours and then to burn it onto a single writeable medium (e.g. DVD) once a week.

      4. Increased reliability: RAID1 will be applied for ASP-servers. To endow an own (decided) server with an elevated RAID (e.g. RAID 5) would be imaginable.

      5. Implementation of a secure and encrypted connection: HTTPS is used for encryption and communication-authentication between web-server and browser. Without encryption IP-packages would be readable as plain text for anyone who has according access to the net. It is important to note that the data-transfer takes more time with HTTPS.

      Costs for increased precaution will be calculated with the arising expenses according to the current factline price list for services. (see http://www.factline.com/148782.0)





Metainfo:
AutorIn: factline Webservices GmbH; Copyright: factline Webservices GmbH; Publiziert von: factline Webservices GmbH (factline2)
factID: 1223941.1; Publiziert am 07 Aug. 2008 09:38
 
Verknüpfungen:
struktur  >  English  >  security_issues