Konfeo – technical and organizational security measures
Inspired by customers’ questions regarding the security of personal data collected by our system, we decided to briefly present the technical and organizational measures we use. Over the years, we have developed simple security procedures that are effective, guarantee a good night’s sleep, and are fully adapted to the requirements of the GDPR.
Software development vs. personal data protection
Personal data of event organizers and participants are collected and stored only in two places:
- in a production database located on servers in a secure location
- in encrypted database backups performed daily, located on separate servers in a different location
We, as company owners, are involved in the development of system functionality and use the work of programmers and software testers. In this context, it is extremely important to precisely define the authorizations and level of access for people involved in individual stages of work.
We conduct development work only on the development server, which is a separate Konfeo instance containing only test data. In other words, it is a clone running on an independent server. The system running on the development server isn’t connected in any way to the “real” system running on the production server. When you use Konfeo, you connect only to the production server.
The scheme described above means that programmers (including owners) have access to the program’s source code but work on fictitious data, on a separate server and a separate database. Once work on some functionality has been thoroughly tested on the development server, and if the tests are positive, we decide to deploy the changes to the production server. Such deployment is possible only for company owners – only they have access to the production machine, and therefore to real personal data.
The conclusion is simple – in the course of software development, we don’t use personal data collected by event organizers. None of the employees or co-workers have access to real personal data collected in the system.
Organizational security measures
In our information clause, we indicate subprocessors that we use to provide you with the highest quality services. We have a signed data processing agreement (DPA) with each of the entities indicated in the clause. Note that these are organizations that provide automated internet services. In this context, our security measures are as follows:
- hard drives in our personal computers are encrypted, i.e. even the theft of a computer doesn’t allow reading its contents (apart from the fact that they don’t contain any personal data)
- we keep all the access passwords to our subprocessors’ automated services in a password manager (each of us has a separate account), so even decrypting a stolen computer doesn’t give access to any data or services
- each access password is strong and unique (we use password generators)
- the master password for the password manager is different from the one used to decrypt the hard drives
- if the subprocessor gives such a possibility, each of us has independent access (separate account) to the services
- access to the most important services (e.g. production hosting, mail servers, backup servers) is additionally secured by a 2FA (two-factor authentication) mechanism
- access to the production server is additionally secured by a private SSH key protected by an additional password (each of us has their own key)
- the SSH key password is different from those used to decrypt the hard drives and to open the password manager
To sum up, access to collected personal data is secured at several levels:
- a unique password to decrypt our computer’s hard drives
- a unique password to the password manager
- unique passwords for automated internet services (hosting, mail servers, etc.)
- two-factor authentication for the most important services
Technical security measures
In order to detect potentially dangerous events in the system, we use extensive monitoring:
- web application firewall – if too much traffic arrives from a single IP address, that address is blocked and the server immediately returns error code 429 (Too Many Requests)
- anomaly detection – we constantly monitor events occurring in the system (increased traffic, number of errors, server and database response times, number of payment failures, etc.)
- in the event of an anomaly, we receive immediate notification by email and an alarm on a mobile phone
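The two mechanisms in the list above, a per-IP limit that answers with 429 and an alert when the error count in a time window exceeds a threshold, can be sketched in a few dozen lines. The following is an added illustration, not Konfeo’s own code: the limit of 5 requests per 10 seconds, the 60-second error window, the threshold of 3 errors and the request log are all constructed assumptions.

```python
"""Per-IP rate limiting with HTTP 429 and a simple error-rate anomaly check.

Added illustration, not Konfeo's own code. The limits, window sizes and the
request log below are constructed assumptions.
"""
import math
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most `limit` requests per client IP within any `window` seconds."""

    def __init__(self, limit=5, window=10.0):
        self.limit = limit
        self.window = window
        self._hits = defaultdict(deque)  # ip -> timestamps of accepted requests

    def check(self, ip, now):
        """Return (status, retry_after): (200, 0) if allowed, (429, seconds) if blocked."""
        q = self._hits[ip]
        # Forget timestamps that have slid out of the window.
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.limit:
            # Capacity frees up when the oldest request in the window expires.
            # Blocked requests are not recorded, so a client that keeps hammering
            # does not push its own unblock time further away.
            retry_after = max(1, math.ceil(self.window - (now - q[0])))
            return 429, retry_after
        q.append(now)
        return 200, 0


def process_log(log, limiter):
    """Run each (ts, ip, upstream_status) through the limiter.

    Returns (ts, ip, status_sent_to_client, retry_after) per request; blocked
    requests never reach the application, so their status is 429.
    """
    out = []
    for ts, ip, upstream_status in log:
        status, retry_after = limiter.check(ip, ts)
        if status == 429:
            out.append((ts, ip, 429, retry_after))
        else:
            out.append((ts, ip, upstream_status, 0))
    return out


def error_rate_alerts(log, window=60.0, max_errors=3):
    """Return [(window_start, error_count)] for fixed windows with too many 5xx responses."""
    errors = defaultdict(int)
    for ts, _ip, status in log:
        if status >= 500:
            errors[math.floor(ts / window) * window] += 1
    return sorted((start, n) for start, n in errors.items() if n > max_errors)


# Constructed sample traffic: (seconds since start, client IP, status the app would return)
REQUEST_LOG = [
    (0.0, "203.0.113.7", 200), (0.5, "203.0.113.7", 200), (1.0, "203.0.113.7", 200),
    (1.5, "203.0.113.7", 200), (2.0, "203.0.113.7", 200),
    (2.5, "203.0.113.7", 200),    # sixth hit inside 10 s -> 429
    (3.0, "198.51.100.4", 200),   # another client is unaffected
    (12.5, "203.0.113.7", 200),   # first client's window has slid -> allowed again
    (60.0, "198.51.100.4", 500), (61.0, "198.51.100.4", 502),
    (62.0, "198.51.100.4", 500), (63.0, "198.51.100.4", 503),   # error burst -> alert
]

if __name__ == "__main__":
    for row in process_log(REQUEST_LOG, SlidingWindowLimiter()):
        print(row)
    for start, n in error_rate_alerts(REQUEST_LOG):
        print(f"ALERT: {n} server errors in the window starting at t={start:.0f}s")
```

The `retry_after` value is what a real deployment would put in the `Retry-After` header alongside the 429, and the alert list is what would be handed to the email/mobile notification channel. A production limiter would keep the per-IP state in a shared store rather than in process memory, so that several application instances enforce the same limit.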
Other elements of protection are the HTTP security headers, which you can independently verify at any time by analyzing the sample registration page of our demo event.
The performance of the system and the quality of its source code are also very important elements.
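To make the “verify it yourself” step above concrete, here is an added example (not Konfeo’s code) that classifies a response’s security headers as ok, weak or missing. `SAMPLE_RESPONSE_HEADERS` is a constructed response, not captured from the demo page, and the thresholds (180-day HSTS max-age, no `'unsafe-inline'`/`'unsafe-eval'` in the CSP, a short list of acceptable Referrer-Policy values) are the example’s own assumptions; `fetch_headers()` shows how to run the same audit against a live URL.

```python
"""Audit the HTTP security headers of a response.

Added example, not Konfeo's code. SAMPLE_RESPONSE_HEADERS is a constructed
response, not captured from the Konfeo demo page; fetch_headers() shows how
to audit a live page instead.
"""
import re
import urllib.request


def _max_age(value):
    """Extract the max-age directive (seconds) from an HSTS value, 0 if absent."""
    m = re.search(r"max-age=(\d+)", value, re.IGNORECASE)
    return int(m.group(1)) if m else 0


# header name -> (what "strong" means here, predicate on the header value)
CHECKS = {
    "strict-transport-security": (
        "max-age of at least 180 days",
        lambda v: _max_age(v) >= 180 * 24 * 3600,
    ),
    "content-security-policy": (
        "no 'unsafe-inline' / 'unsafe-eval' anywhere in the policy (crude check)",
        lambda v: "'unsafe-inline'" not in v and "'unsafe-eval'" not in v,
    ),
    "x-content-type-options": (
        "value nosniff",
        lambda v: v.strip().lower() == "nosniff",
    ),
    "x-frame-options": (
        "DENY or SAMEORIGIN",
        lambda v: v.strip().upper() in ("DENY", "SAMEORIGIN"),
    ),
    "referrer-policy": (
        "a policy that does not leak full URLs cross-origin",
        lambda v: v.strip().lower() in (
            "no-referrer", "same-origin", "strict-origin", "strict-origin-when-cross-origin",
        ),
    ),
}


def audit_headers(header_items):
    """Classify each expected header as ok, weak (present but below the bar) or missing.

    `header_items` is an iterable of (name, value) pairs, as returned by
    http.client.HTTPMessage.items(); names are compared case-insensitively.
    """
    headers = {name.lower(): value for name, value in header_items}
    report = {"ok": [], "weak": [], "missing": []}
    for name, (requirement, predicate) in CHECKS.items():
        if name not in headers:
            report["missing"].append(name)
        elif predicate(headers[name]):
            report["ok"].append(name)
        else:
            report["weak"].append((name, requirement))
    return report


def fetch_headers(url, timeout=10):
    """Fetch a page and return its response headers as (name, value) pairs."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return list(resp.headers.items())


# Constructed sample: HSTS, nosniff and frame options are fine, the CSP allows
# inline scripts, and Referrer-Policy is absent altogether.
SAMPLE_RESPONSE_HEADERS = [
    ("Content-Type", "text/html; charset=utf-8"),
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline'"),
    ("X-Content-Type-Options", "nosniff"),
    ("X-Frame-Options", "DENY"),
]

if __name__ == "__main__":
    for kind, items in audit_headers(SAMPLE_RESPONSE_HEADERS).items():
        print(kind, items)
```

Running `audit_headers(fetch_headers("https://<registration page>"))` gives the same three lists for a live page. The CSP check is deliberately crude; a real audit parses the policy per directive, since `'unsafe-inline'` in `style-src` is a much smaller concern than in `script-src`.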
Threats on the internet
Research indicates that hackers focus on large databases and that 94% of e-mail attacks are used to steal login credentials for electronic banking systems and other network infrastructure. A hacker gaining access to an active mailbox essentially means the disclosure of personal data, because such data are usually contained in the profile of the mailbox owner or, for example, in emails confirming purchases in online stores.
Given the above facts, in addition to the permanent elements of our infrastructure responsible for security, we also use simple day-to-day practices and habits to prevent potential threats. We urge you to do so as well. Check whether you can spot when you’re being phished.