common:security_details
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| common:security_details [2017/06/20 21:58] – [DESIGN METHODOLOGY] Gerard Nicol | common:security_details [2025/01/21 22:07] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 8: | Line 8: | ||
| In addition to this, many of our employees have worked in military and law enforcement roles and have obtained the required clearances to perform these functions. | In addition to this, many of our employees have worked in military and law enforcement roles and have obtained the required clearances to perform these functions. | ||
| + | |||
| + | {{: | ||
| + | |||
| ===== Design Methodology ===== | ===== Design Methodology ===== | ||
| Security and reliability are our primary considerations when developing and maintaining TapeTrack. Our changes are extensively beta tested by experts who use the product on a daily basis. | Security and reliability are our primary considerations when developing and maintaining TapeTrack. Our changes are extensively beta tested by experts who use the product on a daily basis. | ||
| Line 18: | Line 21: | ||
| To minimize the chances of third-party components creating exploit opportunities we do not use middle-ware and only use third-party components when they provide the source code. | To minimize the chances of third-party components creating exploit opportunities we do not use middle-ware and only use third-party components when they provide the source code. | ||
| - | ===== LICENSE AGREEMENT | + | ===== License Agreement |
| The TapeTrack End User License Agreement (EULA) was written in consultation with our customers. The EULA clearly and fairly outlines your rights as a Licensee of our product. | The TapeTrack End User License Agreement (EULA) was written in consultation with our customers. The EULA clearly and fairly outlines your rights as a Licensee of our product. | ||
| - | ===== SOURCE CODE ESCROW ===== | ||
| - | The TapeTrack source code is regularly deposited for escrow with EscrowTech in Salt Lake City and The NCC Group in London. As a TapeTrack Licensee, our License Agreement ensures your right to register as an Escrow Beneficiary. This protects your rights as a Licensee should a dispute arise around your use of our intellectual property. | + | {{: |
| - | ===== DIGITAL CODE SIGNING ===== | + | |
| - | All TapeTrack executable code for the Microsoft Windows platform is Digitally Signed with GazillaByte LLC’s Code Signing Certificate. Where we provide third-party DLL’s and executables, | + | ===== Source Code Escrow ===== |
| - | ===== THE TAPETRACK PROTOCOL | + | |
| + | The TapeTrack source code is regularly deposited for escrow with EscrowTech in Salt Lake City and The NCC Group in London. | ||
| + | |||
| + | As a TapeTrack Licensee, our License Agreement ensures your right to register as an Escrow Beneficiary. This protects your rights as a Licensee should a dispute arise around your use of our intellectual property. | ||
| + | |||
| + | {{: | ||
| + | |||
| + | ===== Digital Code Signing ===== | ||
| + | |||
| + | All TapeTrack executable code for the Microsoft Windows platform is Digitally Signed with GazillaByte LLC’s Code Signing Certificate. | ||
| + | |||
| + | Our Code Signing Certificate is provided by GoDaddy. | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Where we provide third-party DLL’s and executables, | ||
| + | ===== The TapeTrack Protocol | ||
| TapeTrack uses a proprietary TCP/IP protocol. | TapeTrack uses a proprietary TCP/IP protocol. | ||
| + | |||
| This protocol uses only one port (usually 5000), but can also be tunneled through a HTTPS proxy server (TapeTrack clients use an outbound connection and the server accepts inbound connections). | This protocol uses only one port (usually 5000), but can also be tunneled through a HTTPS proxy server (TapeTrack clients use an outbound connection and the server accepts inbound connections). | ||
| - | ===== ENCRYPTION | + | ===== Encryption |
| TapeTrack uses symmetric AES encryption to encrypt data and all passwords are hashed and stored using the MD5 algorithm. | TapeTrack uses symmetric AES encryption to encrypt data and all passwords are hashed and stored using the MD5 algorithm. | ||
| - | ===== ACCESS CONTROL | + | ===== Access Control |
| + | |||
| + | TapeTrack has its own native access control mechanism. This access control is independent of Active Directory to ensure that in the event of a disaster recovery there is no dependence between TapeTrack and systems which may need to be recovered. | ||
| - | TapeTrack has its own native access control mechanism. This access control is independent of Active Directory1 to ensure that in the event of a disaster recovery there is no dependence between TapeTrack and systems which may need to be recovered. | ||
| TapeTrack’s native access control mechanism can limit access to TapeTrack and TapeTrack resources based upon: | TapeTrack’s native access control mechanism can limit access to TapeTrack and TapeTrack resources based upon: | ||
| - | 1. The connecting interface. | + | |
| - | 2. The connecting IP Address or IP Sub-Net. | + | - The connecting interface. |
| - | 3. The User’s access rights to individual resources and functions. | + | |
| - | ===== HIGH AVAILABILITY | + | |
| + | ===== High Availability | ||
| TapeTrack’s High Availability Option provides one or more read-only TapeTrack systems which replicate with the primary system in real-time. This replication requires no supporting middleware and uses very little bandwidth. | TapeTrack’s High Availability Option provides one or more read-only TapeTrack systems which replicate with the primary system in real-time. This replication requires no supporting middleware and uses very little bandwidth. | ||
| - | ===== SIMPLE HOT BACKUP | + | ===== Simple Hot Backup |
| In addition to High Availability Replication, | In addition to High Availability Replication, | ||
common/security_details.1497995894.txt.gz · Last modified: 2025/01/21 22:07 (external edit)