Security Assurance Plan

Purpose of the Document

At Affluences, the security of the data we host is a constant concern. A significant portion of Affluences' design, development, and testing activities is dedicated to securing the systems we publish. This document outlines the measures that Affluences implements to meet the security requirements expected by its clients.

System Description

Affluences develops and distributes a cross-platform digital solution (web and mobile) aimed at enhancing user reception by providing real-time information on occupancy or waiting times. A reservation system is also available.

Through the use of Affluences products, certain qualitative and quantitative information (essential for the proper functioning of the application) may be entered, stored, and hosted on the system. Affluences implements a series of technical and organizational measures to ensure their security.

Reminder of Requirements

The security measures of the Affluences solution address the following three major requirements:
  1. Confidentiality of Data: Prevention of unauthorized third parties from intercepting and reading hosted and exchanged data.
  2. Integrity of Data: Prevention of unauthorized third parties from altering or deleting hosted data.
  3. Availability of Data: Assurance of data access for authorized individuals.
To ensure compliance with these security requirements, Affluences includes:
  1. Technical solutions (design, development, and configuration) to prevent threats and vulnerabilities.
  2. Routine maintenance procedures for preventive security measures.
  3. Corrective procedures in the event of an incident.

Preventive Technical Solutions

Overview

To meet these requirements, Affluences implements data security solutions in the following three domains:
  1. Application Security: Technical measures specific to securing the application.
  2. Communication Security: Securing the exchange of data between the user's browser and the data hosting server.
  3. Data Hosting Security: Technical measures specific to securing the data hosting servers and their entry ports.

Application Security

Affluences' digital solutions incorporate measures related to application security:
  1. Coding Security Standards: Best practices in design and development aimed at minimizing vulnerabilities.
  2. Coverage of Common Application Flaws: Addressing and securing against common application vulnerabilities.
  3. Authentication System Security: Ensuring the security of the authentication system.
  4. Permission Management: Proper handling and management of permissions.
  5. Password Hashing: Implementation of secure password hashing techniques.

Coding security standards

Best Practices for Design and Development to Minimize Application Vulnerabilities:
  1. Input Validation: All user inputs are subjected to validation rules to ensure the consistency and harmlessness of data before any interaction with the database.
  2. Clean Coding: Best practices of clean coding are systematically implemented to ensure the maintainability and security of the system, especially design patterns (MVC, adapter, mediator, decorator, facade, etc.) and design principles (Single Responsibility Principle, Don't Repeat Yourself, etc.).
  3. Automation of Unit Tests: Every application update is accompanied by automated test plans comprising hundreds of "Test Cases" to ensure maximum coverage of execution scenarios (including edge case tests).
  4. Error Logging: Every bug in production is automatically recorded in a dedicated log to ensure continuous improvement of system robustness.
  5. Integrity Constraints: In the context of a relational database architecture, the logical data model (LDM) is controlled by a maximum of integrity constraints (uniqueness, not null, check, reference, pk, fk, etc.) to ensure data coherence.
  6. Automated Deployment: Every deployment process is automated in a dedicated script in which best practices for administering the production environment are continuously captured (alteration of data models, configuration of environment variables, installation of dependencies, SSL certificate updates, etc.).

Coverage of Common Application Flaws

The system incorporates solutions to counter common application flaws, including:
  1. XSS (Cross-Site Scripting): Each user input is pre-processed so that HTML tags are escaped, neutralizing content injection attacks.
  2. CSRF (Cross-Site Request Forgery): All forms carry validity tokens so that an attacker cannot, via a third-party website, exploit the permissions of an authenticated user to perform actions without their knowledge.
  3. SQL Injection: All communications with the database are properly escaped, ruling out any query parameter that a malicious user could control.
  4. Session Fixation: Session identifiers are always carried in cookies so as to benefit from the W3C "same-origin policy" standard (browsers forbid a third-party website from reading a cookie).
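As an added illustration of the SQL injection and XSS items above (example code written for this page, not Affluences' own), the following Python snippet places a query that splices user input into the SQL text beside its parameterized form, and escapes a stored value before rendering it; the in-memory "sites" table is a constructed stand-in for the application database.

```python
import html
import sqlite3


def make_db():
    """Constructed in-memory stand-in for the application database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE sites (id INTEGER PRIMARY KEY, name TEXT NOT NULL)")
    conn.executemany("INSERT INTO sites (name) VALUES (?)",
                     [("Library A",), ("Pool B",)])
    return conn


def find_site_vulnerable(conn, name):
    """Anti-pattern: user-controlled text is spliced into the SQL string, so a
    quote character in the input changes the structure of the query instead
    of being compared as data."""
    query = "SELECT name FROM sites WHERE name = '%s'" % name
    return [row[0] for row in conn.execute(query)]


def find_site_safe(conn, name):
    """Parameterized query: the value travels separately from the SQL text and
    is only ever compared as a string, whatever characters it contains."""
    rows = conn.execute("SELECT name FROM sites WHERE name = ?", (name,))
    return [row[0] for row in rows]


def render_site_name(name):
    """Escape on output so a stored name cannot inject markup into the page."""
    return "<li>" + html.escape(name, quote=True) + "</li>"
```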

Authentication System Security

The system's authentication is based on the Passport or Keycloak authentication module (updated with each new release, see Technology Update Procedures).
This authentication system is reinforced with additional security rules (password validation, brute force attack prevention, connection notifications, etc.).

Permission Management

Data access rights are assigned to each authenticated user based on the project they are involved in, taking into account their role in the project (creativity group, incubation, execution, administration, reporting).
Permission management rules are double-checked both in the front end and back end and are included in the test plans (refer to Coding Security Standards).

Password Hashing

All passwords are processed by a hashing function (SHA256 or bcrypt), and no password is stored in plain text in the database.

Communication Security

Protocol Used

Data exchanges between the user's browser and the web server are encrypted using HTTPS with AES-256 encryption.

Certificates

HTTPS certificates are provided by the organization "Let's Encrypt."

Server Security

Certifications

Data hosting is subcontracted to the French company OVH, whose infrastructure is certified ISO 27001, SOC 1 Type 2 (SSAE 16 and ISAE 3402), and SOC 2 Type 2.

Territoriality

All data is hosted on secure servers located in Gravelines and Strasbourg. OVH provides a certificate of territoriality upon request.

Port Management

The open ports are formally identified and documented. Each port is associated with a service having a specific function listed below. Each port is subjected to strict configuration rules prioritizing security and following best practices as defined by official documentation.
  1. Port 443: Corresponds to the HTTPS protocol.
  2. Port 80: Corresponds to the HTTP protocol. It is used for automatic redirection to port 443 to ensure a secure exchange.
  3. Port 22: Used both for command line administration via the SSH protocol and for file exchange through the SFTP protocol. To minimize the number of open ports, port 21 dedicated to the FTP protocol is kept closed.
Any other port for server access is closed by iptables rules (firewall). Any process associated with an open port is stopped if it does not have a useful role in the proper functioning of the system.

Distributed Denial of Service (DDoS) Protection

The implemented servers benefit from native protection against DDoS attacks.

Event Logging

Every event at each access point is archived by a logging system. Refer to Monitoring Procedures for details.

Backups

The servers are subject to a regular backup plan. See Backup Procedures for details.

Preventive Routines

Affluences has designated a security officer. This individual is the primary contact for our clients for any security-related questions.
Affluences implements a plan for maintaining preventive security through:
  1. Technology update procedures
  2. Backup procedures for hosted data
  3. Server access monitoring procedures

Technology Update Procedures

All tools undergo regular updates to benefit from the latest security patches.

Backup Routines

A backup plan for hosted data is implemented at two levels:
  1. Daily full backup
  2. Incremental backups
Three copies of the backups are stored in three separate data centers.

Monitoring Routines

Every event at each server access point is archived by a logging system recording information necessary for intrusion detection and diagnosis in case of suspicion.
Some intrusion detection rules are listed below for informational purposes:
  1. Number of failed connection attempts exceeding a predefined threshold (brute force attack).
  2. Number of unusual requests during a defined period (DDoS attack).
  3. Change in file access rights.
  4. Change in system user rights/passwords.
  5. Attempts to access non-public URLs.
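Rule 1 above (failed connection attempts exceeding a predefined threshold) expressed as detection logic over log lines, added here as an example and not taken from Affluences' monitoring system; the sshd log sample, the threshold of 5 attempts and the 60-second sliding window are all constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of sshd authentication log lines (not from a real server).
SAMPLE_LOG = """\
2024-03-01T10:00:01 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 4410 ssh2
2024-03-01T10:00:03 sshd[811]: Failed password for root from 203.0.113.7 port 4411 ssh2
2024-03-01T10:00:04 sshd[811]: Failed password for root from 203.0.113.7 port 4412 ssh2
2024-03-01T10:00:09 sshd[811]: Failed password for root from 203.0.113.7 port 4413 ssh2
2024-03-01T10:00:12 sshd[811]: Failed password for root from 203.0.113.7 port 4414 ssh2
2024-03-01T10:00:15 sshd[812]: Accepted publickey for deploy from 198.51.100.4 port 5200 ssh2
2024-03-01T10:20:00 sshd[813]: Failed password for deploy from 198.51.100.4 port 5201 ssh2
2024-03-01T10:25:00 sshd[813]: Failed password for deploy from 198.51.100.4 port 5202 ssh2
"""

FAILED_RE = re.compile(
    r"^(\S+) sshd\[\d+\]: Failed password for .* from (\d+\.\d+\.\d+\.\d+) port")


def brute_force_sources(log_text, threshold=5, window_seconds=60):
    """Return {ip: peak} for every source IP whose failed logins inside some
    sliding window of `window_seconds` reach `threshold`; peak is the highest
    count seen in any such window. Only failures count, so a later successful
    login does not reset the tally."""
    window = timedelta(seconds=window_seconds)
    failures = defaultdict(list)
    for line in log_text.splitlines():
        match = FAILED_RE.match(line)
        if match:
            failures[match.group(2)].append(datetime.fromisoformat(match.group(1)))

    flagged = {}
    for ip, times in failures.items():
        times.sort()
        start, peak = 0, 0
        for end, stamp in enumerate(times):
            # Slide the window start forward until it spans at most `window`.
            while stamp - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[ip] = peak
    return flagged
```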

Corrective Procedures

In case of a disaster, Affluences implements a contingency plan that includes the following corrective procedures:
  1. Restoration of the database to a previous state
  2. Database restoration in the event of a disaster
  3. Intervention plan in case of an illegal intrusion
  4. Reversibility

Restoration to a Previous State

The daily and incremental backup plans (see Backup Routines) allow the database to be restored to a previous state.

Disaster Recovery Plan

In case of a disaster (data loss, server crash, etc.), the daily backup plan on an independent server (see Backup Routines) allows for the restoration of the database to a state prior to the disaster.

Intrusion Response Plan

In the event of detecting an illegal intrusion (see Monitoring Routines), Affluences implements the following intervention plan:
  1. Immediate blocking of the IP identified as the source of the intrusion.
  2. Retrieval of diagnostic data.
  3. Analysis of diagnostic data.
  4. Repair of the vulnerability and implementation of preventive actions.
  5. System restoration, if necessary.

Reversibility

The system allows hosted data to be exported in readable formats that are easily handled in Excel (CSV, XLS, and XLSX).

List of Acronyms

AES – Advanced Encryption Standard
CSRF – Cross-Site Request Forgery
DDoS – Distributed Denial of Service
FTP – File Transfer Protocol
HTTP – Hypertext Transfer Protocol
HTTPS – HyperText Transfer Protocol Secure
ISAE – International Standards for Assurance Engagements
MLD – Modèle Logique de Données (Logical Data Model, LDM)
MVC – Model View Controller
ORM – Object Relational Mapping
RSA – Rivest, Shamir, Adleman (inventors)
SFTP – SSH File Transfer Protocol
SOC – Security Operating Center
SQL – Structured Query Language
SSAE – Statement on Standards for Attestation Engagements
SSH – Secure Shell
SSL – Secure Sockets Layer
W3C – World Wide Web Consortium
XSS – Cross-Site Scripting
