We take the security and privacy of our customer's data very seriously, and it has become one of the major benefits of using Pagedip.
In general, we follow industry standard best practices.
Servers hosted by Google Cloud, which provides us a variety of first-class security tools such as private networks, DDOS protection, and more.
Designed under the Principal of Least Privilege. All systems, big and small, are only given permissions necessary to operate, in order to minimize any potential compromises.
Passwords are stored using standard cryptographically secure hashing.
Security headers (CORS, CSP) to help combat common browser attacks such as CSRF and XSS.
24/7 monitoring of all systems.
Additionally, Dedicated Deployments are further protected.
SSL certificates are provided for all domains, including custom domains. More on that below.
Isolated backend resources means a dramatically reduced chance of being impacted by security-related events.
SSL certificates are provided for all domains under a Pagedip Dedicated Deployment, including custom domains. Certificates are obtained through Let's Encrypt, which is supported by a large number of browsers.
For custom domains, please let us know the domains you intend to use so we can generate the certificates. If you wish to provide the SSL certificate for your custom domain (eg. an EV certificate), we can generate a Certificate Signing Request (CSR) for you to obtain one from any Certificate Authority (CA).
Understanding How to Best Protect your Pagedip Data
Pagedip software aims to be secure by default. We will setup your accounts with standard defaults that will keep your data secure. However, our permissions system is very dynamic, allowing you to make data public if you choose.
Here are some tips for keeping your data safe.
Regularly check Organization members and teams.
The members page under the IAM tab of oPanel will show you exactly the users with access to the data in that organization. Regularly review this list to ensure that every user has the correct permissions.
Both Servers and Pagedips can have permissions.
It's important to remember that in oPanel, both servers and Pagedips have their own permission pages. These two separate permission tiers allow for custom set ups, but also means that easy to lose track of permissions.
If you have Single Sign-on, check the automatic team assignments.
When a user signs in with SSO, they will automatically be added to the teams in this list. Regularly review this list to ensure that users can't elevate their permissions unintentionally.
When in doubt, contact Pagedip.
We have advanced controls for maintaining account security and permissions. There are a variety of things we can provide on request:
Audit logs of user activity within an organization.
Tailored permissions and teams for custom authorization set ups.
Advanced GUI for managing permissions and teams.