Security of Captain DPO
Last Update : April 2018
Captain DPO offers a solution provided as a Software As A Service Solution.
The license subscription covers Web support. Hence, this document describes the current technical architecture, and do not provide any guarantee that Captain DPO will follow the same principles in the future. At any point, and for any reason, Captain DPO may change this implementation.
1- System Architecture
Captain DPO's service is based on the LAMP stack:
Linux Ubuntu 14.04
The standard stack is enriched by different other components, Solr 1.4.1 on Tomcat6, Redis Server, and so on, to achieve the service.
2- Technical Infrastructure
2.1- Physical ressources
Use of a Virtual Machine (VM) deployed over a dedicated cloud, using vSPhere over set of redundant servers.
Every customer platform is connected to a primary Domain, and eventually some more aliases. Every platform has its own database, and its own full text indices.
A VM handles a set of customer platforms:
A set of network interface cards, to handle necessary IPs,
A set of MYSQL databases
A set of full text indices
2.2- Platform protection
OVH provides a mitigation service to respond to DDoS attacks, and protect resources needed to fulfill the service.
3- HTTPS Access
Captain DPO provides *.captaindpo.com domains, covered by a wildcard SSL certificate.
A customer may use its own domain. In this case, the customer must provide key and certificate needed to cover its own domain.
4- Update policy
Captain DPO updates its service a few times every day. This allows the users community to benefit from the best available service. Every fix or evolution, once tested, is instantaneously propagated to all customers, so that every user has the last version of the service.
Captain DPO guarantees the correct operation of a platform and all settings done during an eventual project period. This maintenance is part of the annual subscription of the platform.
This process can be activated by the following means: self ticketing support on https://captaindpo.jamespot.pro/
During your subscription period, your Captain DPO platform will be automatically upgraded.
On a regular basis, new features are added to the common features set, and are propagated to every customer. Those new features are available at no extra cost, they are covered by your subscription. A part of those new features is grouped into application packages, that each platform administrator may deploy or not in the platform.
5- Data reversibility
By contract, you are the owner of your platform data. Captain DPO is only a technical operator.
You can obtain your data at the end of the subscription.
This reversibility is done via a Secure SQL Dump, and contains every single data from your platform (users, profiles, groups, contents, files).
Captain DPO offers the option of exporting the SQL Dump to the server of your choice on a monthly or weekly basis.
6- Data Backup
A daily backup is achieved and exported from the front server to a backup server.
Those backups are available 7 days. They can be used to revert the platform to a previous state (this operation is not covered by your subscription).
A monthly copy is stored for one year.