The user is informed about security practices


Service: InfoSec Handbook
Status: DECLINED
Changes: 3
Source: link
Author: komo


No logging by default – ✅ Minimal data processing</p> <p>We decided to choose the best protection for your personal data: We simply do not collect it. You don’t have to trust us, because you keep your data. By default, we do not log anything, and we concluded a data processing agreement according to Article 28 GDPR with our server provider (see our privacy policy).</p> <p>✅ Single-purpose server – ✅ No databases</p> <p>For security, we provide our blog using a dedicated virtual server. There aren’t any other public services on this server (e.g., no database server, no mail server, no messaging server). For instance, the decentralized Dat version of our blog runs on another virtual server.</p> <p>✅ Security monitoring – ✅ Strong authentication – ✅ Defined processes</p> <p>Our server is permanently monitored to check for modified files and login attempts. Two-factor authentication is needed to access our server. The core of our server is a hardened Linux installation. This means that we removed unnecessary packages and applied strict configuration at kernel level. Finally, we implemented processes to ensure installation of security updates within a narrow time frame and quick reaction to reported potential security vulnerabilities.</p> <p>✅ 100% static content – ✅ No CMS, PHP, or JavaScript – ✅ No 3rd party content</p> <p>Our blog consists of 100% static content. There is no content management system (CMS) installed and there is no dynamically-served content like PHP or JavaScript. We do not embed any third-party content, and all links to third-party websites are marked. Actually, third-party websites, which you access from our blog, run in a separate process in your web browser, and we strip any Referrer information.</p>


Comments:
On 2019-09-25 04:57:37 UTC, omhqit Curator wrote:

approved: without comment

On 2020-12-14 20:16:25 UTC, System Bot wrote:

Quote not found

On 2021-02-06 04:16:20 UTC, System Bot wrote:

DECLINED
Point automatically declined as no activity have been monitored over a course of 2 months. Was: declined



We track editorial changes to analyses and updates to a point's status and display the previous versions here as part of an effort to promote transparency regarding our curation process.

Version 1: 2021-02-06 04:16:20 UTC by Deleted

Previous Title: No changes recorded

Updated Title: No changes recorded

Previous Analysis: No changes recorded

Updated Analysis: No changes recorded

Previous Status: QUOTE NOT FOUND

Updated Status: DECLINED

Version 2: 2019-09-25 04:57:37 UTC by omhqit Curator

Previous Title: No changes recorded

Updated Title: No changes recorded

Previous Analysis: No changes recorded

Updated Analysis: No changes recorded

Previous Status: PENDING

Updated Status: APPROVED

Version 3: 2019-09-14 07:09:31 UTC by komo

Previous Title:

Updated Title: The user is informed about security practices

Previous Analysis:

Updated Analysis: Generated through the annotate view

Previous Status:

Updated Status: PENDING