Security is very important to us, and here is a summary of what we do to guarantee that your data is safe with PeeP and that we apply the best practices on the hosted version, PeeP Online.
Reporting Security Vulnerabilities
If you need to report a security vulnerability, please head over to our responsible disclosure page. These reports are treated with high priority: the problem is immediately assessed and solved by the PeeP security team, in collaboration with the reporter, and then disclosed in a responsible manner to PeeP customers and users.
- PeeP is solution architecture, so the whole codebase is continuously under examination by PeeP users and contributors worldwide. Community bug reports are therefore one important source of feedback regarding security. We encourage developers to audit the code and report security issues.
- The PeeP R&D processes have code review steps that include a security check for all new and contributed pieces of code.
- Many customers have conducted independent code audits and performed penetration tests, and all the findings have been taken into consideration. The results can only be disclosed by the respective customers, but no major problem was ever detected during these audits/tests.
- PeeP is designed in a way that prevents the most common types of security issues:
  - SQL injections are prevented by the use of a higher-level API that does not require manual SQL queries
  - XSS attacks are prevented by the use of a high-level templating system that automatically escapes all data being rendered
  - The framework prevents RPC access to private methods, making it harder to introduce exploitable vulnerabilities
Backups and Disaster Recovery
- We keep 14 full backups of each PeeP instance for up to 3 months: 1/day for 7 days, 1/week for 4 weeks, 1/month for 3 months
- Backups are replicated to at least 3 different machines in different data centers
- You can also download manual backups of your live data at any time using the PeeP Online control panel
- In case of disaster (never happened so far, but we plan for the worst):
  - RPO (Recovery Point Objective) = 24h, i.e. you can lose at most 24h of work if the data cannot be recovered and we need to restore the last daily backup
  - RTO (Recovery Time Objective) = 6h, i.e. the service will be restored within 6 hours in a different data center if a disaster occurs and a data center is completely down
- Customer data is stored in a dedicated database - no sharing of data between clients
- Data access control rules implement complete isolation between customer databases running on the same cluster; no access is possible from one database to another
- Customer passwords are protected with industry-standard PBKDF2+SHA512 hashing (salted + stretched for thousands of rounds)
- PeeP staff do not have access to your password and cannot retrieve it for you; the only option if you lose it is to reset it
- Login credentials are always transmitted securely over HTTPS
- PeeP support staff may sign into your account to access settings related to your support issue (using special staff authorization, not with your password)
- We do our best to respect your privacy as much as possible: we only access files and settings needed to diagnose and resolve your issue
- All PeeP online servers are running hardened Linux distributions with up-to-date security patches
- Installations are ad-hoc and minimal to limit the number of services that could contain vulnerabilities (no PHP/MySQL stack for example)
- Only a few PeeP engineers have clearance to remotely manage the servers - and access is only possible using SSH key pairs (password authentication disallowed)
- Firewalls and intrusion counter-measures help prevent unauthorized access
- Automatic Distributed Denial of Service (DDoS) mitigation is implemented in EU and US data centers, and coming soon in Asia
The PeeP Online servers are hosted in several data centers worldwide, which must all satisfy our minimum physical security criteria:
- Physical access to the data center area where PeeP servers are located is restricted to data center technicians only
- Security cameras are monitoring the data center locations
Credit Card Safety
- When you sign up for a paid PeeP Online subscription, we do not store your credit card information
- Your credit card information is only transmitted securely between you and our PCI-Compliant payment acquirers: Ogone and PayPal (even for recurring subscriptions)
- All web connections to client instances are protected with state-of-the-art 256-bit SSL encryption
- All our SSL certificates use a robust 2048-bit modulus