All datacenters used are ISO 27001 certified.
Leaseweb.com with dedicated servers located in Slough (724-729 Dundee Rd, SL1 4JU), United Kingdom. All data is kept in the UK.
London Data Center LON-01 | UK Data Centers | Leaseweb
Strato.de with dedicated server located in Berlin and Karlsruhe. All data is kept in Germany.
Server Place im Rechenzentrum – rundum geschützt | STRATO
Leaseweb.com with dedicated servers located in Unit A, 200 Bourke Road, Alexandria, Sydney, NSW 2015, Australia. All data is kept in Australia.
Sydney Data Center SYD-11 | Australian Data Centers | Leaseweb
CloudToolz uses a multi-tier setup:
The database, Redis and Elasticsearch servers are only accessible via internal networks.
The database connection between the application and the database server uses a SQL Server user with a limited privilege set, i.e. it cannot access database backups, change security, decrypt the database, etc.
Administrators can only access the servers via VPN from whitelisted IP addresses, and all servers are secured with DUO multi-factor authentication.
All servers are monitored.
The database is encrypted at rest. Transparent data encryption is used for the MS SQL Server database.
Transparent data encryption (TDE) – SQL Server | Microsoft Learn
Personal or sensitive data is normally not held in CloudToolz.
If sensitive data is held, it is additionally encrypted by the middleware.
Right to forget is enabled for all user accounts.
If CloudToolz integrates with a CRM, it follows the data retention settings as set up in the CRM.
ZENTSO is only a data processor and not a data controller.
Backups of the database are kept on the database server on a separate hard drive.
Differential backups are performed at 1am.
Full backups are performed on Saturday at 1am.
Transaction Log backups are performed hourly.
The web server itself only has port 443 open.
All traffic is routed via Cloudflare.com before it hits the web server. The public IP addresses are masked behind Cloudflare, preventing DDoS attacks.
User accounts are properly encrypted and hashed. ASP.NET Core user identity is used for user management and MFA is enabled by default for administration accounts.
Introduction to Identity on ASP.NET Core | Microsoft Learn
Every time a major release of CloudToolz is released, a penetration test is performed with https://pentest-tools.com
Last updated on 15/02/2023