Security Strategy

From Lingoport Wiki
Jump to: navigation, search

Note: This page is currently in progress and should not be viewed as complete at this time.

The topic of security falls into several realms when it comes to the Lingoport Suite. The Lingoport Suite components need to be secure as well as the system or virtual machine that the components reside on.

If Lingoport's https://www.globalyzer.com is hosting the rulesets, access needs to be considered.

Overview

Lingoport Security Overview

Lingoport Suite Components

Lingoport Virtual Machine

AWS Security

More...

Should we have something that talks about the security enhancements that we have in our products or is this already in these pages?

Several security enhancements have been implemented for the Globalyzer Server. Our password encryption algorithm has been upgraded to use bcrypt, forgot password now performs a password reset rather than retrieval, and we now guard against clickjacking and directory/path traversal attacks. Our version of Tomcat has been upgraded to enable some of these security features.

FAQ

Can other customers see our rulesets and information on Globalyzer.com ?

How often is security testing done on the code or the systems?

Is data transferred between the customer and the Continuous Globalization System securely? What about between the Continuous Globalization System and the translation vendors?

How do you document security for third-party applications?

For Services customers, how do you ensure that the code and company information is secure?

How are security issues and concerns handled within the company?

How does Lingoport monitor an AWS VM for security issues ( logins, invalid logins, data transfers, etc)?

Has Lingoport had any security breaches?

Please send any security inquiries or reports to either support@lingoport.com or security@lingoport.com.

Globalyzer supports the additional security of HTTPS for all data that passes between the Client and the globalyzer.com Server.

L10n Vendor Lingoport FTP Protocol: FTP supports SSH and SSL encryption; The FTP system can allow only some IP ranges to access the FTP port(s)

Machine Learning: to use Machine Learning, you must install H2O.ai to your system. It's an in-memory platform so you don't need to worry about the security of your code and data.

LDAP and security.