At Affluences, the security of the data we host is a constant concern. A significant portion of Affluences' design, development, and testing activities is dedicated to securing the systems we publish. This document outlines the measures that Affluences implements to meet the security requirements expected by its clients.
Affluences develops and distributes a cross-platform digital solution (web and mobile) aimed at enhancing user reception by providing real-time information on occupancy or waiting times. A reservation system is also available.
Through the use of Affluences products, certain qualitative and quantitative information (essential for the proper functioning of the application) may be entered, stored, and hosted on the system. Affluences implements a series of technical and organizational measures to ensure their security.
The security measures of the Affluences solution address the following three major requirements:
- Confidentiality of Data: Prevention of unauthorized third parties from intercepting and reading hosted and exchanged data.
- Integrity of Data: Prevention of unauthorized third parties from altering or deleting hosted data.
- Availability of Data: Assurance of data access for authorized individuals.
To ensure compliance with these security requirements, Affluences relies on:
- Technical solutions (design, development, and configuration) to prevent threats and vulnerabilities.
- Routine maintenance procedures for preventive security measures.
- Corrective procedures in the event of an incident.
Preventive Technical Solutions
Overview
To meet these requirements, Affluences implements data security solutions in the following three domains:
- Application Security: Technical measures specific to securing the application.
- Communication Security: Securing the exchange of data between the user's browser and the data hosting server.
- Data Hosting Security: Technical measures specific to securing the data hosting servers and their entry ports.
Application Security
Affluences' digital solutions incorporate measures related to application security:
- Coding Security Standards: Best practices in design and development aimed at minimizing vulnerabilities.
- Coverage of Common Application Flaws: Addressing and securing against common application vulnerabilities.
- Authentication System Security: Ensuring the security of the authentication system.
- Permission Management: Proper handling and management of permissions.
- Password Hashing: Implementation of secure password hashing techniques.
Coding security standards
Best Practices for Design and Development to Minimize Application Vulnerabilities:
- Input Validation: All user inputs are subjected to validation rules to ensure the consistency and harmlessness of data before any interaction with the database.
- Clean Coding: Best practices of clean coding are systematically implemented to ensure the maintainability and security of the system, especially design patterns (MVC, adapter, mediator, decorator, facade, etc.) and design principles (Single Responsibility Principle, Don't Repeat Yourself, etc.).
- Automation of Unit Tests: Every application update is accompanied by automated test plans comprising hundreds of "Test Cases" to ensure maximum coverage of execution scenarios (including edge case tests).
- Error Logging: Every bug in production is automatically recorded in a dedicated log to ensure continuous improvement of system robustness.
- Integrity Constraints: In the context of a relational database architecture, the logical data model (LDM) is controlled by a maximum of integrity constraints (uniqueness, not null, check, reference, pk, fk, etc.) to ensure data coherence.
- Automated Deployment: Every deployment process is automated in a dedicated script in which best practices for the administration of the production environment are continuously capitalized (alteration of data models, configuration of environment variables, installation of dependencies, SSL certificate updates, etc.).
Coverage of Common Application Flaws
The system incorporates solutions to counter common application flaws, including:
- XSS (Cross-site Scripting): Each user input undergoes pre-processing rules enabling tag escaping to neutralize content injection attacks.
- CSRF (Cross-Site Request Forgery): All forms implement validity tokens to ensure that an attacker cannot exploit the permissions of an authenticated user to perform actions without their knowledge via a third-party website.
- SQL Injection: All queries sent to the database are properly escaped, so that no parameter that could be controlled by a malicious user is interpreted as part of the query.
- Session Fixation: Session identifiers are consistently associated with cookies to benefit from the W3C "same-origin policy" standard (browsers prohibit a third-party website from accessing the cookie).
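The four protections listed above, shown as small working functions. This is an added example and not Affluences' own code: an in-memory SQLite table stands in for the production database, CSRF_SECRET is a constructed server secret, and the session store is a plain dictionary.

```python
"""Added example (not Affluences' code): XSS escaping, SQL injection
(unsafe string building next to a parameterised query), an HMAC-based CSRF
token, and session-id rotation against session fixation.
Assumptions: SQLite stands in for the real RDBMS; CSRF_SECRET is constructed."""
import hashlib
import hmac
import html
import secrets
import sqlite3

# ---- XSS: escape user input before it is rendered into HTML ---------------
def render_comment(user_text: str) -> str:
    """Escape <, >, &, and quotes so submitted text cannot inject markup."""
    return "<p>" + html.escape(user_text, quote=True) + "</p>"

# ---- SQL injection: unsafe string building versus a bound parameter -------
def make_db() -> sqlite3.Connection:
    """Constructed in-memory table with two demo users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT UNIQUE NOT NULL, role TEXT NOT NULL)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "reporting")])
    return conn

def find_role_unsafe(conn: sqlite3.Connection, name: str):
    """Vulnerable: the user-controlled value becomes part of the SQL text,
    so a crafted name changes the WHERE clause instead of being compared."""
    row = conn.execute(f"SELECT role FROM users WHERE name = '{name}'").fetchone()
    return row[0] if row else None

def find_role_safe(conn: sqlite3.Connection, name: str):
    """Hardened: the value is bound as a parameter and never parsed as SQL."""
    row = conn.execute("SELECT role FROM users WHERE name = ?", (name,)).fetchone()
    return row[0] if row else None

# ---- CSRF: per-session token derived from the session id with an HMAC -----
CSRF_SECRET = secrets.token_bytes(32)   # constructed; load from config in practice

def issue_csrf_token(session_id: str) -> str:
    """Token embedded in every form; only the server can compute it."""
    return hmac.new(CSRF_SECRET, session_id.encode(), hashlib.sha256).hexdigest()

def check_csrf_token(session_id: str, submitted: str) -> bool:
    """Constant-time comparison of the submitted token with the expected one."""
    return hmac.compare_digest(issue_csrf_token(session_id), submitted)

# ---- Session fixation: issue a fresh id at login --------------------------
def rotate_session_id(sessions: dict, old_id: str) -> str:
    """Move the session data under a new random id so an identifier that an
    attacker planted before authentication no longer refers to the session."""
    data = sessions.pop(old_id, {})
    new_id = secrets.token_urlsafe(32)
    sessions[new_id] = data
    return new_id

if __name__ == "__main__":
    db = make_db()
    print(render_comment("<b>hi</b>"))
    print(find_role_safe(db, "alice"), find_role_safe(db, "x' OR '1'='1"))
```

The unsafe and safe lookups take the same input; the difference is only whether the database driver sees the value as data or as query text.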
Authentication System Security
The system's authentication is based on the Passport or Keycloak authentication module (updated with each new release, see Technology Update Procedures).
This authentication system is enhanced with security reinforcement rules (password validation, brute force attack prevention, connection notifications, etc.).
Data access rights are assigned to each authenticated user based on the project they are involved in, taking into account their role in the project (creativity group, incubation, execution, administration, reporting).
Permission management rules are double-checked both in the front end and back end and are included in the test plans (refer to Coding Security Standards).
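An illustration of the password validation and password hashing items mentioned above, added here and not taken from Affluences' code. The policy values, the small denylist and the scrypt parameters are assumptions, not the production settings.

```python
"""Added example (not Affluences' code): password policy check, salted
scrypt hashing with the standard library, and constant-time verification.
MIN_LENGTH, the denylist and the scrypt cost are assumed values."""
import hashlib
import hmac
import secrets

MIN_LENGTH = 12                                   # assumed policy value
COMMON_PASSWORDS = {"password1234", "affluences123"}  # constructed denylist
SCRYPT_N = 2 ** 14                                # assumed cost parameter

def validate_password(candidate: str) -> list:
    """Return the rules the candidate breaks; an empty list means accepted."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.isdigit() for c in candidate):
        problems.append("no digit")
    if not any(c.isalpha() for c in candidate):
        problems.append("no letter")
    if candidate.lower() in COMMON_PASSWORDS:
        problems.append("on the common-password denylist")
    return problems

def hash_password(password: str) -> str:
    """Random 16-byte salt plus scrypt digest, stored as one self-describing string."""
    salt = secrets.token_bytes(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=SCRYPT_N, r=8, p=1)
    return f"scrypt${SCRYPT_N}${salt.hex()}${digest.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and cost; compare in constant time."""
    try:
        algo, n, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "scrypt":
        return False
    digest = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex),
                            n=int(n), r=8, p=1)
    return hmac.compare_digest(digest.hex(), digest_hex)

if __name__ == "__main__":
    pw = "Correct-Horse-42-Battery"
    print(validate_password(pw), verify_password(pw, hash_password(pw)))
```

Storing the cost parameter next to the hash lets the cost be raised later without invalidating existing records; old entries are simply rehashed on the user's next successful login.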
Data exchanges between the user's browser and the web server are encrypted through the implementation of an HTTPS protocol using AES 256 encryption.
Certificates
HTTPS certificates are provided by the organization "Let's Encrypt."
Server Security
Certifications
The data hosting is subcontracted to the French company OVH, ensuring an infrastructure certified ISO 27001, SOC 1 Type II (SSAE 16 and ISAE 3402), and SOC 2 Type II.
Territoriality
All data is hosted on secure servers located in Gravelines and Strasbourg. OVH provides a certificate of territoriality upon request.
Port Management
The open ports are formally identified and documented. Each port is associated with a service having a specific function listed below. Each port is subjected to strict configuration rules prioritizing security and following best practices as defined by official documentation.
- Port 443: Corresponds to the HTTPS protocol.
- Port 80: Corresponds to the HTTP protocol. It is used for automatic redirection to port 443 to ensure a secure exchange.
- Port 22: Used both for command line administration via the SSH protocol and for file exchange through the SFTP protocol. To minimize the number of open ports, port 21 dedicated to the FTP protocol is kept closed.
Any other port for server access is closed by iptables (firewall) rules. Any process associated with an open port is stopped if it does not have a useful role in the proper functioning of the system.
Distributed Denial of Service (DDoS) Protection
The implemented servers benefit from native protection against DDoS attacks.
Event Logging
Every event at each access point is archived by a logging system. Refer to Monitoring Procedures for details.
Backups
The servers are subject to a regular backup plan. See Backup Procedures for details.
Preventive Routines
Affluences has designated a security officer. This individual is the primary contact for our clients for any security-related questions.
Affluences implements a plan for maintaining preventive security through:
- Technology update procedures
- Backup procedures for hosted data
- Server access monitoring procedures
Technology Update Procedures
All tools undergo regular updates to benefit from the latest security patches.
Backup Routines
A backup plan for hosted data is implemented at two levels:
- Daily full backup
- Incremental backups
Three copies of the backups are stored in three separate data centers.
Monitoring Routines
Every event at each server access point is archived by a logging system recording information necessary for intrusion detection and diagnosis in case of suspicion.
Some intrusion detection rules are listed below for informational purposes:
- Number of failed connection attempts exceeding a predefined threshold (brute force attack).
- Number of unusual requests during a defined period (DDoS attack).
- Change in file access rights.
- Change in system user rights/passwords.
- Attempts to access non-public URLs.
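Two of the rules listed above (failed connection attempts over a threshold, and access to non-public URLs) run over a handful of constructed log lines. This is an added example, not Affluences' monitoring code: the log format, the threshold, the time window and the list of non-public URL prefixes are all assumptions made for the example.

```python
"""Added example (not Affluences' code): brute-force and non-public-URL
detection rules over constructed log lines. Log format, FAIL_THRESHOLD,
WINDOW and NON_PUBLIC_PREFIXES are assumptions for the example."""
from collections import defaultdict
from datetime import datetime, timedelta

FAIL_THRESHOLD = 5                    # assumed: alert above 5 failures per IP
WINDOW = timedelta(minutes=10)        # assumed sliding window
NON_PUBLIC_PREFIXES = ("/admin", "/internal", "/.git")   # assumed

# Constructed sample log: "<iso-time> <source> <event> key=value ...".
# IP addresses are from the documentation ranges (RFC 5737).
SAMPLE_LOG = """\
2024-05-01T10:00:01Z sshd auth_fail ip=203.0.113.5 user=root
2024-05-01T10:00:03Z sshd auth_fail ip=203.0.113.5 user=admin
2024-05-01T10:00:04Z sshd auth_fail ip=198.51.100.7 user=deploy
2024-05-01T10:00:06Z sshd auth_fail ip=203.0.113.5 user=root
2024-05-01T10:00:08Z sshd auth_fail ip=203.0.113.5 user=root
2024-05-01T10:00:09Z sshd auth_fail ip=203.0.113.5 user=root
2024-05-01T10:00:11Z sshd auth_fail ip=203.0.113.5 user=root
2024-05-01T10:02:00Z sshd auth_ok ip=198.51.100.7 user=deploy
2024-05-01T10:05:00Z web request ip=203.0.113.5 method=GET path=/admin/config status=403
2024-05-01T10:05:02Z web request ip=198.51.100.9 method=GET path=/dashboard status=200
2024-05-01T10:30:00Z sshd auth_fail ip=203.0.113.5 user=root
"""

def parse_line(line: str) -> dict:
    """Split one line into a record: timestamp, source, event, then key=value fields."""
    ts, source, event, *fields = line.split()
    rec = {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
           "source": source, "event": event}
    for field in fields:
        key, _, value = field.partition("=")
        rec[key] = value
    return rec

def parse_log(text: str) -> list:
    return [parse_line(line) for line in text.splitlines() if line.strip()]

def brute_force_alerts(records: list) -> list:
    """Sliding window per IP: alert once when failures inside WINDOW exceed
    FAIL_THRESHOLD. Old timestamps drop out, so an isolated later failure
    after a quiet period does not re-trigger."""
    recent = defaultdict(list)
    alerted = set()
    for rec in records:
        if rec["source"] != "sshd" or rec["event"] != "auth_fail":
            continue
        ip = rec["ip"]
        recent[ip] = [t for t in recent[ip] if rec["ts"] - t <= WINDOW] + [rec["ts"]]
        if len(recent[ip]) > FAIL_THRESHOLD:
            alerted.add(ip)
    return sorted(alerted)

def non_public_url_alerts(records: list) -> list:
    """Every web request whose path starts with a non-public prefix, as (ip, path)."""
    return [(r["ip"], r["path"]) for r in records
            if r["source"] == "web" and r["event"] == "request"
            and r["path"].startswith(NON_PUBLIC_PREFIXES)]

if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    print("brute force:", brute_force_alerts(recs))
    print("non-public URLs:", non_public_url_alerts(recs))
```

With the sample above, 203.0.113.5 accumulates six failures within ten minutes and is reported; its single failure at 10:30 falls outside the window and is not counted again. The 403 on /admin/config from the same address is reported by the second rule.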
Corrective Procedures
In case of a disaster, Affluences implements a contingency plan that includes the following corrective procedures:
- Restoration of the database to a previous state
- Database restoration in the event of a disaster
- Intervention plan in case of an illegal intrusion
- Reversibility
Restoration to a Previous State
The daily and incremental backup plans (see Backup Routines) allow for the restoration of the database to a previous state.
Disaster Recovery Plan
In case of a disaster (data loss, server crash, etc.), the daily backup plan on an independent server (see Backup Routines) allows for the restoration of the database to a state prior to the disaster.
Intrusion Response Plan
In the event of detecting an illegal intrusion (see Monitoring Routines), Affluences implements the following intervention plan:
- Immediate blocking of the IP identified as the source of the intrusion.
- Retrieval of diagnostic data.
- Analysis of diagnostic data.
- Repair of the vulnerability and implementation of preventive actions.
- System restoration, if necessary.
Reversibility
The system allows for the export of hosted data in a readable format easily handled in an Excel environment (csv, xls, and xlsx).
List of Acronyms
AES – Advanced Encryption Standard
CSRF – Cross-Site Request Forgery
DDoS – Distributed Denial of Service
FTP – File Transfer Protocol
HTTP – Hypertext Transfer Protocol
HTTPS – HyperText Transfer Protocol Secure
ISAE – International Standards for Assurance Engagements
MLD – Modèle Logique de Données (logical data model, LDM)
MVC – Model View Controller
ORM – Object Relational Mapping
RSA – Rivest, Shamir, Adleman (its inventors)
SFTP – SSH File Transfer Protocol
SSAE – Statement on Standards for Attestation Engagements
SQL – Structured Query Language
SOC – Security Operating Center
SSH – Secure SHell
SSL – Secure Socket Layer
XSS – Cross Site Scripting
W3C – World Wide Web Consortium