How is my data stored and encrypted?
All customer data is encrypted at rest and in transit. We use a special onion based database encryption scheme that ensures that access policies are enforced at the encryption level. This is done using a combination of Parent-Child based AES key-chaining and RSA key exchange inside the database and data store.
Customer recordings are stored in a custom file format, which is also encrypted using the same system as above. This data is stored in S3 which can be a provided bucket, or your own if required. (Contact us.)
What information is recorded?
Every action on the system is recorded, such as connecting to a server, watching a previous replay, joining a team, changing settings, every keypress inside a terminal, and so forth. This information is exposed to the correct level of access. If required some events can be exported to a 3rd party end point. (Contact us.)
What are my options for using the software?
We support:
- Our Standard Cloud environment
- A private cloud instance (run by us)
- On premise (run by you)
We highly recommend using us as an independent party to help enforce accountability and as a safeguard.
What ways can I access my servers?
We support:
- SSH Directly from a fixed IP address
- SSH Via VPN
- SSH via a virtual appliance deployed on your infrastructure
- An agent that runs on each of your servers, and creates a back connection (SSH-less)
What are your requirements for on premise or private cloud deployments?
Please contact us! It would help to know what your requirements are. How many users/servers? How long you need to retain data? How many sessions do you expect to occur?
Typically we recommend having a highly available setup of at least 2 machines in a cluster. However the application is built around micro services and could be split up further depending on requirements.
