Difference between revisions of "Security Strategy"

From Lingoport Wiki
Jump to: navigation, search
(9 intermediate revisions by the same user not shown)
Line 1: Line 1:
  +
'''Note: This page is currently in progress and should not be viewed as complete at this time.'''
Security Issues
 
   
 
The topic of security falls into several realms when it comes to the Lingoport Suite. The Lingoport Suite components need to be secure as well as the system or virtual machine that the components reside on.
 
The topic of security falls into several realms when it comes to the Lingoport Suite. The Lingoport Suite components need to be secure as well as the system or virtual machine that the components reside on.
Line 5: Line 5:
 
If Lingoport's https://www.globalyzer.com is hosting the rulesets, access needs to be considered.
 
If Lingoport's https://www.globalyzer.com is hosting the rulesets, access needs to be considered.
   
  +
==Overview==
'''Overview''' [[Lingoport Security Overview]]
 
  +
[[Lingoport Security Overview]]
   
'''Lingoport Suite Components:'''
+
==Lingoport Suite Components==
 
*[[Deployment and Security]]
 
*[[Deployment and Security]]
 
*[[Lingoport Suite Product Security]]
 
*[[Lingoport Suite Product Security]]
  +
**[https://wiki.jenkins.io/display/JENKINS/Securing+Jenkins Securing Jenkins]
   
'''Lingoport Virtual Machine:''' [[AWS Security]]
+
==Lingoport Virtual Machine==
  +
[[AWS Security]]
  +
  +
==More...==
  +
Should we have something that talks about the security enhancements that we have in our products or is this already in these pages?
  +
  +
Several security enhancements have been implemented for the Globalyzer Server. Our password encryption algorithm has been upgraded to use bcrypt, forgot password now performs a password reset rather than retrieval, and we now guard against clickjacking and directory/path traversal attacks. Our version of Tomcat has been upgraded to enable some of these security features.
  +
  +
== FAQ ==
  +
Can other customers see our rulesets and information on Globalyzer.com ?
  +
  +
How often is security testing done on the code or the systems?
  +
  +
Is data transferred between the customer and the Continuous Globalization System securely? What about between the Continuous Globalization System and the translation vendors?
  +
  +
How do you document security for third-party applications?
  +
  +
For Services customers, how do you ensure that the code and company information is secure?
  +
  +
How are security issues and concerns handled within the company?
  +
  +
How does Lingoport monitor an AWS VM for security issues ( logins, invalid logins, data transfers, etc)?
  +
  +
Has Lingoport had any security breaches?
  +
  +
Please send any security inquiries or reports to either support@lingoport.com or security@lingoport.com.
  +
  +
Globalyzer supports the additional security of HTTPS for all data that passes between the Client and the globalyzer.com Server.
  +
  +
L10n Vendor Lingoport FTP Protocol: FTP supports SSH and SSL encryption; The FTP system can allow only some IP ranges to access the FTP port(s)
  +
  +
Machine Learning: to use Machine Learning, you must install H2O.ai to your system. It's an in-memory platform so you don't need to worry about the security of your code and data.
  +
  +
LDAP and security.

Revision as of 19:58, 19 July 2019

Note: This page is currently in progress and should not be viewed as complete at this time.

The topic of security falls into several realms when it comes to the Lingoport Suite. The Lingoport Suite components need to be secure as well as the system or virtual machine that the components reside on.

If Lingoport's https://www.globalyzer.com is hosting the rulesets, access needs to be considered.

Overview

Lingoport Security Overview

Lingoport Suite Components

Lingoport Virtual Machine

AWS Security

More...

Should we have something that talks about the security enhancements that we have in our products or is this already in these pages?

Several security enhancements have been implemented for the Globalyzer Server. Our password encryption algorithm has been upgraded to use bcrypt, forgot password now performs a password reset rather than retrieval, and we now guard against clickjacking and directory/path traversal attacks. Our version of Tomcat has been upgraded to enable some of these security features.

FAQ

Can other customers see our rulesets and information on Globalyzer.com ?

How often is security testing done on the code or the systems?

Is data transferred between the customer and the Continuous Globalization System securely? What about between the Continuous Globalization System and the translation vendors?

How do you document security for third-party applications?

For Services customers, how do you ensure that the code and company information is secure?

How are security issues and concerns handled within the company?

How does Lingoport monitor an AWS VM for security issues ( logins, invalid logins, data transfers, etc)?

Has Lingoport had any security breaches?

Please send any security inquiries or reports to either support@lingoport.com or security@lingoport.com.

Globalyzer supports the additional security of HTTPS for all data that passes between the Client and the globalyzer.com Server.

L10n Vendor Lingoport FTP Protocol: FTP supports SSH and SSL encryption; The FTP system can allow only some IP ranges to access the FTP port(s)

Machine Learning: to use Machine Learning, you must install H2O.ai to your system. It's an in-memory platform so you don't need to worry about the security of your code and data.

LDAP and security.