security_considerations
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
security_considerations [2019/10/08 14:19] – lucy | security_considerations [2021/12/13 15:13] (current) – lucysecurity | ||
---|---|---|---|
Line 1: | Line 1: | ||
We work hard in making LUCY a secure product. Here is a quick overview of the most important security topics: | We work hard in making LUCY a secure product. Here is a quick overview of the most important security topics: | ||
- | * **Restricted network based access to LUCY**: | + | * **Restricted network-based access to LUCY**: |
- | * **Secure the user access**: | + | * **Secure the user access**: |
- | *** 2FA Authentication**: | + | * **2-Factor |
- | * **SSO**: https:// | + | * **Restrict the user access**: |
- | * **Restrict the user access**: | + | * **Secure Setup of LUCY in DMZ**: |
- | * **Secure Setup of LUCY in DMZ**: | + | * **Secure (and anonymous) storage of data**: |
- | * **Secure (and anonymous) storage of data**: | + | * **Delete sensitive data: |
- | * **Delete sensitive data: | + | * **Secure communication channels**: |
- | * **Secure communication channels**: | + | * **Transparent network communication**: |
- | * **Transparent network communication**: | + | * **Secure support**: |
- | * **Secure support**: | + | * **Updates of the application**: |
- | * **Updates of the application | + | * **OS, Patches & Software**: [[technical_information|Technical Information]] |
- | * **Custom Admin URL creation**: | + | * **Custom Admin URL creation**: |
- | * **Ability to monitor all system activities**: | + | * **Ability to monitor all system activities**: |
- | * **Ability to monitor the system in real time**: | + | * **Ability to monitor the system in real-time**: |
- | * **Data Security, Processes Privacy (GDPR)**: | + | * **Data Security, Processes Privacy (GDPR)**: |
- | * **Ability to store key on HSM: | + | * **Ability to store key on HSM: |
+ | * **Block access to campaigns based on IP-ranges and browser types**: [[filters|Filters]] | ||
+ | * **VPS Hardening info:** [[vps_hardening|VPS Hardening]] | ||
+ | * **Optional protection system:** [[suricata|IPS/ | ||
Additionally we perform regular external (anonymous) penetration tests according to the OWASP testing categories (https:// | Additionally we perform regular external (anonymous) penetration tests according to the OWASP testing categories (https:// | ||
security_considerations.1570537156.txt.gz · Last modified: 2019/10/08 14:19 by lucy