Ensure the security of your corporate intranet data
With our collaborative platform Silverpeas
Your intranet data is secure
Regularly revised, our security policy was established in 2011, when the platform’s code was opened as Open Source. It is based on ISO 27001 and ISO 27002 security standards and is fully integrated into the quality management system.
It covers:
- Risk of unavailability of information and applications, and the systems processing them.
- Risk of disclosure, or loss of confidentiality, accidental or voluntary, of information provided by our clients.
- Risk of alteration, or loss of integrity, which could lead to a loss of information for our clients.
IT systems security standards
- ISO 9001: Quality Management Systems
- ISO 27001: Information Security Management System (ISMS)
- ISO 27002: Code of practice for information security management
Access control
Single Sign-On
Silverpeas integrates into a Single Sign-On (SSO) authentication context. This authentication method allows a user to access multiple computer applications by performing only one authentication.
✔ Fewer passwords for the user to remember
✔ The security level is strengthened.
Silverpeas is compatible with the most commonly used protocols such as Kerberos (Microsoft Azure AD) and SAMLv2 (Google).
Password policy
Each user is identified by a unique identifier and a strong password.
The password policy for users of hosted services is as follows:
- Customization by the user during their 1st connection
- Minimum size: 8 characters
- Complexity: letter, number, and symbol
- Change frequency: every 100 connections (configurable number)
- No reuse of the last password
- Lockout after 3 unsuccessful attempts (configurable number)
Passwords are stored in a secure and encrypted database. If a user forgets their password, it must be renewed: a temporary password is sent to the user, allowing them to reset it upon connection.
Cryptography
Data transfer
All data transfers to the hosting platform are carried out through VPN links. If confidential data must transit either on removable media or in an email, this data must be encrypted in compliance with the rules in force.
Certificates
The certificates used by Silverpeas technical teams come from public and recognized certification authorities.
Physical and environmental security
Datacenter security
The datacenters used by Silverpeas (Scaleway and OVH) are located in France.
The datacenter is Tier 3+ type, with the following main characteristics:
- Location: non-flood zone, non-seismic, outside air corridors, outside Seveso zones
- Electrical security: dual 20,000 volt EDF power supply, N+1 UPS and generator, dual power supply racks
- High density
- Physical security: on-site presence, 365d x 24h remote surveillance, armored doors, badge access, access traceability
- Fire safety
- Operator access: multi-operator site, dual induction and dual fiber optic penetration
- 365d x 24h service
- Eco-friendly: HQE building, heat recovery to heat offices, Green IT and ecological technological choices, inert gases
Hardware and network redundancy
Hardware and access links have been made redundant to avoid any service interruption due to a malfunction of one of these components.
Duplication of routers, switches, network cards, SAN access path… Redundancy of LAN links, physical servers, power supplies, fans…
Virtualization
Server virtualization: Automatic movement of virtual servers in case of physical server failure
Operational security
Malicious software
All servers and workstations connected to the Silverpeas software forge are equipped with a software suite against malicious software. The availability of updates is checked daily; updates are automatically downloaded and deployed on the equipment.
In our SaaS offer, supervision and the centralized administration console allow immediate detection of any anomaly (undeployed update, infection, …).
Backups
Client data (hosted by us) is backed up every day with a retention of 6 weeks, plus the last 5 monthly backups and the last 3 annual backups.
All backups are duplicated in a remote Datacenter.
Supervision
Servers, communication means, and services are constantly monitored. Alerts are set so that teams are immediately informed of any potential anomaly, or any situation that could lead to a degradation of service.
Vulnerability management
Our development tools SonarCloud and GitHub analyze our code daily. Thus, “Common Vulnerabilities and Exposures”, vulnerabilities of software dependencies, and others are automatically reported to us. Each discovery of vulnerabilities is handled by the development team.
Application update management
SaaS services: Critical and security updates are deployed as soon as they are available after validation in a test environment.
Hosted services: updates are deployed if this optional service has been subscribed to, and according to the terms provided in the contract.
“On premise”: updates are deployed in agreement with the operations team and the general administrator of the platform.
Intrusion detection
All access flows to the platform are analyzed to identify and block abnormal flows and malicious programs.
Personal Data
The Data Protection Officer is the guarantor of Silverpeas’ compliance with its obligations. He can be reached at: dpo@silverpeas.com
Want to know more? Ask us for our security assurance plan