
Security

Thomas Ardal edited this page Jan 15, 2022 · 9 revisions

⚠️ The documents on this wiki represent work in progress from the time when we worked on ensuring GDPR compliance. The documents are no longer updated and do not represent the current state. For the most recent information, please visit our GDPR Commitment, Privacy Policy, Terms of Use, and Sub-Processors.

Services

elmah.io consists of a number of microservices. Each service is responsible for one or more features on elmah.io. Services are hosted as:

  • Web apps on Microsoft Azure
  • Function apps on Microsoft Azure
  • Windows services on Microsoft Azure Virtual Machines

Services communicate using either Azure Service Bus or a service's REST API. All communication is routed over either HTTPS or VPN.

Authentication and Authorization

Authentication

Authentication on the elmah.io website is performed using either one of the social providers (Facebook, Twitter, etc.) or through a username/password on elmah.io. The customer session is maintained using an authentication cookie.

Customers are responsible for securing their credentials at the social providers, as well as for enabling 2-factor authentication and any other security measures implemented by each provider.

For customers signing up with a username/password, we follow best practice for protecting the password. Passwords are hashed with an iterated (multi-round) hash using a randomly generated salt per password. We never store the password the customer entered, and we are not able to read it or send it by email. If a customer forgets the password, a reset password feature is available. Passwords must be at least 8 characters long and contain three of the following four character classes: an upper case letter, a lower case letter, a symbol, a number.
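As an added example (not elmah.io's code; the project itself is .NET, and the hash algorithm, iteration count and salt size below are assumptions, since the page only says "hashed multiple times with a random salt"), this shows the password policy above as a check, and the "never store the entered password" part as a salted, iterated PBKDF2 hash with constant-time verification:

```python
import hashlib
import hmac
import os
import re

# The four character classes from the policy. Anything that is not a letter
# or digit counts as a symbol (so a space counts as a symbol as well).
CLASSES = {
    "upper": re.compile(r"[A-Z]"),
    "lower": re.compile(r"[a-z]"),
    "digit": re.compile(r"[0-9]"),
    "symbol": re.compile(r"[^A-Za-z0-9]"),
}

MIN_LENGTH = 8
MIN_CLASSES = 3


def password_meets_policy(password: str) -> bool:
    """True if the password is at least 8 characters and uses 3 of the 4 classes."""
    if len(password) < MIN_LENGTH:
        return False
    matched = sum(1 for rx in CLASSES.values() if rx.search(password))
    return matched >= MIN_CLASSES


# Hashing parameters. PBKDF2-HMAC-SHA256 with 600,000 iterations and a
# 16-byte random salt is an assumption made for this example, not the
# parameters elmah.io actually uses.
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, salt: bytes = None) -> str:
    """Return a self-describing record: algorithm$iterations$salt$digest (hex)."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh random salt for every password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{ALGORITHM}${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != ALGORITHM:
        return False
    _, iterations, salt_hex, digest_hex = parts
    try:
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        iterations = int(iterations)
    except ValueError:
        return False  # malformed record: treat as a failed login, not a crash
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)


def register(password: str) -> str:
    """What a sign-up handler does: enforce the policy, then keep only the hash."""
    if not password_meets_policy(password):
        raise ValueError("password does not meet the policy")
    return hash_password(password)


if __name__ == "__main__":
    record = register("Tr0ub4dor!")  # constructed sample password
    print(record)
    print(verify_password("Tr0ub4dor!", record), verify_password("wrong", record))
```

Storing the iteration count inside the record is what lets the cost be raised later without invalidating existing accounts: old records keep verifying with their own count and can be re-hashed on the next successful login.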

Authentication through the elmah.io API is done through API keys. New API keys can be generated on the organization settings view, only accessible by organization admins. If a customer suspects that an API key has been compromised, the API key can be revoked through organization settings as well.

Authorization

elmah.io has three authorization levels on both organizations and logs: Read, Write and Admin. Organization admins are responsible for assigning the correct organization level when adding new users to the organization.

All endpoints that access or modify customer data are protected by authentication and authorization checks.
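The model above (Read, Write, Admin on organizations and on logs; API keys managed only by organization admins; access to customer data audited) as an added example, written here for illustration and not taken from elmah.io's code base. Letting an organization grant carry over to that organization's logs, and the shape of the audit entry, are assumptions of this example:

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import IntEnum


class Level(IntEnum):
    """The three levels from the page; ordering lets a higher level satisfy a lower requirement."""
    READ = 1
    WRITE = 2
    ADMIN = 3


@dataclass
class Log:
    log_id: str
    org_id: str


@dataclass
class Principal:
    user: str
    org_levels: dict = field(default_factory=dict)  # org_id -> Level
    log_levels: dict = field(default_factory=dict)  # log_id -> Level


# In-memory stand-in for the event log described under Audit Logs.
AUDIT: list = []


def effective_level(principal: Principal, log: Log):
    """Highest level held on the log itself or on its owning organization.

    Organization grants carrying over to the organization's logs is an
    assumption of this example; the page only says both objects have levels.
    """
    grants = [principal.log_levels.get(log.log_id), principal.org_levels.get(log.org_id)]
    grants = [g for g in grants if g is not None]
    return max(grants) if grants else None


def authorize(principal: Principal, log: Log, required: Level, action: str) -> bool:
    """Deny by default, and record who tried which action on which log, allowed or not."""
    level = effective_level(principal, log)
    allowed = level is not None and level >= required
    AUDIT.append({
        "when": datetime.now(timezone.utc).isoformat(),
        "user": principal.user,
        "log_id": log.log_id,
        "action": action,
        "allowed": allowed,
    })
    return allowed


def can_manage_api_keys(principal: Principal, org_id: str) -> bool:
    """API keys live in organization settings, which only organization admins may open."""
    return principal.org_levels.get(org_id) == Level.ADMIN


if __name__ == "__main__":
    # Constructed sample principals and logs.
    alice = Principal("alice", org_levels={"org-1": Level.ADMIN})
    bob = Principal("bob", log_levels={"log-1": Level.READ})
    log1 = Log("log-1", "org-1")
    print(authorize(alice, log1, Level.WRITE, "create_message"))  # True
    print(authorize(bob, log1, Level.WRITE, "create_message"))    # False
    print(can_manage_api_keys(bob, "org-1"))                       # False
    for entry in AUDIT:
        print(entry)
```

Two points matter for an endpoint: a missing grant yields `None` and is denied rather than falling through, and denied attempts are written to the audit trail alongside allowed ones, which is what makes probing of someone else's log visible afterwards.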

Storage

Data is stored in two data stores: Elasticsearch and Azure Blob Storage. GDPR (Article 37) requires organizations to appoint a Data Protection Officer (DPO) in a number of cases. We have decided that only the DPO has direct access to the data stores. At elmah.io, the company CEO (Thomas Ardal) is also the DPO.

Securing storage

Access to Elasticsearch is restricted by a combination of measures: only allow-listed IP addresses can reach the cluster, the connection between the client PC and the cluster is encrypted, and a username and password known only to the DPO must be entered before any data can be read.

Access to Azure Blob Storage requires 2-factor authentication. All data in blob storage is encrypted at rest. Access additionally requires a storage access key known only to the DPO.

Audit Logs

Access to customer data is logged to the Windows event log. We are working on an internal support tool that will provide a more detailed audit log: not only who accessed customer data, but also which data was looked at.
