Security policy: technologies
Infrastructure and Presentation of our Technology
Introduction
Collaboration and all tasks linked to teamwork, such as group messaging, document-sharing and synchronization, task management, group schedules, video-conferencing and screen-sharing are essential tools when it comes to team productivity. Wimi offers these essential team-work tools with the highest reliability, availability, and security requirements. Based on proven technologies, Wimi has developed a highly accessible and secure architecture to best respond to these needs.
Disclaimer
This document is provided only as a point of reference. Despite all efforts to verify the comprehensiveness and accuracy of the information contained in this document, it is provided “as is”, without any guarantee and within given limits. In the interest of continuous product development, Wimi reserves the right to make improvements to this document and to the products described at any time, without notice or obligation.
1. Overview
Wimi allows easy and efficient collaboration on projects and provides a unique and simple tool to communicate effectively, share and synchronize documents, assign and carry out tasks, synchronize calendars and monitor activities. It’s equally an ideal tool for project collaboration at the forefront of an organization. Available as a SaaS product, Wimi allows access no matter where you are, no matter when you need it, bringing together all the content and tools you need for teamwork. Reliability, availability, and security are just some of the essential reasons why so many companies rely on and trust Wimi.
Wimi has devised an infrastructure along with applications that optimize performance, resilience, and security. Wimi works alongside data centers in France that comply with international regulation, ensure availability and promise maximum security. Wimi is currently hosted by Scaleway SAS (Iliad Group) on a dedicated infrastructure whose architecture has been designed entirely by Wimi. Wimi maintains full and complete control over the physical machines that make up the infrastructure.
2. Reliability
Wimi’s infrastructure has been designed with a focus on resilience. Each component at the heart of the system (from the computer to the power supply, and even the network connection) is redundant and can be replaced in case of failure or breakdown. Logical groups of physical servers or VMs are organized in clusters so that service continues if a machine breaks down, with the remaining available machines temporarily taking on the additional load.
2.1 High-level availability
The high availability of Wimi’s infrastructure is based on the redundancy of all components. This redundancy ensures system availability in the case of component failure. Each component has at least one independent backup.
Three levels of redundant load balancing are currently in place:
- Firstly, at the data center’s entry level, the traffic is balanced towards the HAProxy load balancer.
- Secondly, the HAProxy load balancer itself balances the load across the application servers.
- Thirdly, the applications balance the load between different database server nodes.
2.2 Main Components of the Infrastructure
The infrastructure is made up of the following main groups:
- HAProxy load balancer: distribution of the incoming load
- Cluster of application server nodes
- Real-time communication management (server -> client)
- Generation of file previews
- Dynamic generation of archives for multiple downloads
- Cluster of “web/api” application servers: processing of calls to Wimi’s API
- Cluster of “filer/api” application servers: processing of calls to Wimi’s API concerning files, and processing of synchronization trees for Wimi Drive
- SQL database cluster (PostgreSQL), master/slave: sharing and replication of the service data needed to meet performance and high availability requirements
- Master/slave NoSQL database cluster (MongoDB), used for non-structured data management (e.g. account activity)
- Cluster of servers storing user files and the associated metadata
- Database backups on secured servers located in the second data center. The backups take place every 3 hours
- User file backups in the second data center (every night)
Wimi’s security and reliability requirements have been built in from the initial design of the underlying network infrastructure.
The data centers are protected by firewalls that strictly filter all incoming traffic, allowing only authorized flows. This is an active preventative solution that particularly protects against denial of service by analyzing the traffic and comparing it with the characteristics of other attacks. If the comparison is positive, the protection services become active within a few seconds.
Wimi implements redundancy and balancing of growing load, guaranteeing maximum redundancy and availability of our product. All of the links are at least doubled at each routing point, and incoming traffic is allocated to different application and web servers. The redundant load balancing means that any server breakdown can be managed instantly.
2.3 Data Transportation Security
Our front-end server configures all external connections with a web security policy mechanism (HTTP Strict Transport Security, aka HSTS). This protects our services against active and passive (eavesdropping) network attacks. A “man in the middle” attacker has a significantly reduced capacity to intercept any queries or responses between a user and our web application servers.
In addition, Wimi benefits from network isolation. Network isolation means that all of the servers in our infrastructure are isolated within our data centers and connected by private, dedicated networks.
2.4 Storage Resilience
All files uploaded to Wimi (with a version history of up to 15 documents by default) are stored on NFS RAID 6 servers that use pro SSDs and whose controllers have battery backup units (BBU) that eliminate the partial writes that could lead to data corruption. Each server uses 12 SSD data storage disks. The data linked to the files is replicated across the 12 SSD disks so that the system can bear the loss of 2 of these disks.
2.5 Data backups and the duplication of the Datacenter
The data management and backup strategy has been put in place to allow fast data recovery in the case of minor incidents, while fully limiting our exposure to major incidents.
For example, in the case of minor incidents (e.g. accidental deletion of data by a user), we are in a position to restore this data in a matter of hours. In addition, we protect ourselves against major incidents by making sure that we save 100% of client data (files, database history) as well as the VMs and necessary configurations, so that they can be reinstated in a parallel infrastructure in a second data center.
In this way, we can ensure disaster recovery of data in the case of a major system breakdown.
Databases are backed up every 3 hours and client files are replicated every night.
The backup servers are secure, isolated, and accessible to backup applications.
2.6 System Evolution and Growth management
The setup of Wimi’s infrastructure allows servers or virtual machines to be added to support growth when congestion starts to occur. For this, Wimi uses a substantial detection system based on continuous monitoring and performance analysis of the infrastructure. The tool collects and analyzes the infrastructure’s technical data in real time, and notifies the team when predefined levels of load are reached. In addition, a dashboard allows infrastructure data to be analyzed over a given time period, which makes it possible to anticipate upcoming congestion.
3. Security
Wimi benefits from numerous and high levels of security. Take a look at the rules and the measures linked to security that we have put in place:
3.1 Access and authentication
To access the application, the user must first have been authorized to access it by one of the administrators of the Wimi account concerned. Wimi enables not only people inside the user company to collaborate (profiles present in the company directory), but also people external to the company (e.g. customers, partners, suppliers). For internal people, Wimi offers secure authentication via Security Assertion Markup Language 2.0 (SAML 2.0) through the TLS protocol. For external persons, an identifier (email), a password and, optionally, a third authentication factor will be used.
3.2 Strong Password Policy
Wimi offers an advanced password policy that includes the following settings:
- Length (at least 8 characters by default)
- Format (one lowercase and one uppercase, a number or a symbol by default)
- Expiry
- Renewal (not to have been used before)
- Session duration (12 hours by default)
3.3 Password protection
User passwords are never saved in a readable form. In the database, Wimi saves passwords in an encrypted form. The technology used makes these passwords unreadable.
When a user submits a new password, it is encrypted and compared to the encrypted version that we have in our database.
The various applications that connect automatically to your Wimi account use a version derived from the encrypted password to connect.
In short, Wimi never saves your passwords in clear text.
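The password settings of section 3.2 and the store-and-compare behaviour of section 3.3, as an added example that is not Wimi's code. The page does not name the algorithm, so salted PBKDF2-HMAC-SHA256 is an assumption, as are the function names, the `max_age_days` parameter and the reading of the format rule as one lowercase, one uppercase, and one digit or symbol.

```python
import hashlib
import hmac
import os
import string
import time

MIN_LENGTH = 8            # default length stated on the page
ITERATIONS = 600_000      # assumed work factor, not from the page

def policy_errors(password):
    """Return the format rules the candidate password violates."""
    errors = []
    if len(password) < MIN_LENGTH:
        errors.append("length")
    if not any(c.islower() for c in password):
        errors.append("lowercase")
    if not any(c.isupper() for c in password):
        errors.append("uppercase")
    if not any(c.isdigit() or c in string.punctuation for c in password):
        errors.append("digit_or_symbol")
    return errors

def make_record(password):
    """Keep only a random salt and the derived key, never the password."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key

def matches(password, record):
    """Re-derive with the stored salt and compare in constant time."""
    salt, stored = record
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(key, stored)

def change_password(new_password, history):
    """Apply the format and renewal rules; store the record on success."""
    errors = policy_errors(new_password)
    if any(matches(new_password, rec) for rec in history):
        errors.append("reused")   # renewal rule: not used before
    if not errors:
        history.append(make_record(new_password))
    return errors

def is_expired(set_at, max_age_days, now=None):
    """Expiry rule: True once the password is older than max_age_days."""
    now = time.time() if now is None else now
    return now - set_at > max_age_days * 86400
```

Because each record has its own salt, the renewal check has to re-derive the candidate against every stored record rather than compare stored values with each other.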
3.4 Single Sign-On
Wimi uses Single Sign-On (SSO) through the SAML V2 protocol, which allows current company employees to set up user profiles.
3.5 Mobile Access
Mobile users can access the Wimi mobile app, available on the App Store and Google Play, from a diverse range of devices (iPhones, iPads, Android phones and tablets). The security policy encompasses mobile devices.
All data transmitted between Wimi’s infrastructure and mobile devices is encrypted with a heightened level of security (TLS protocol).
3.6 Transit/Download
Once securely connected to the application, users can save, download, or upload files (as long as the corresponding access rights have been granted), either in the user’s web browser or with the help of the synchronization tool (Wimi Drive).
All data transmitted between the Wimi infrastructure and client applications is transferred in an HTTPS (TLS) tunnel protected by AES-256-GCM (Advanced Encryption Standard, 256 bits, in Galois/Counter Mode). The TLS certificate is signed with an RSA 2048 key.
3.7 Controlling Access Rights within the application
Wimi offers specific and complete access rights management on each work space. For each participant on a workspace, this allows you to choose which modules they will have access to and under what conditions (reading only, reading and writing). As well as this, there is also access rights management available in folders and sub-folders within a workspace.
3.8 Conservation of data
As soon as a user deletes a file, the file is moved to the workspace’s trash. From the trash, the file can be restored (for 90 days by default) by any user of the corresponding workspace. Once a file has been deleted from the trash, it is still retrievable for up to 30 days.
4. Availability and Security of the Datacenter
Wimi is operated in data centers run by a provider located in France (currently Scaleway SAS).
Information concerning the availability and the security of the data centers that we use can be found in the following documents:
Production Data center : Scaleway DC3
Backup Data center : Scaleway DC5
4.1 Compliance
The data centers have received ISO 50001, HADS and ISO 27001 certifications. These standards certify that the necessary security measures and management procedures are in place. The production data center is also certified Tier III design by the Uptime Institute (2014).
4.2 Availability
Each room in the data center is equipped with fire alarms and a system to extinguish fires, as well as fire doors. The data center has a double electricity source. In case of a power cut, they have generators that provide an initial autonomy of 72. Numerous security measures have been put in place to eliminate all risk of failure.
A human presence in the data centers 24/7, 365 days a year guarantees that the servers are constantly and consistently maintained. In the case of a technical issue, the team is able to react immediately to ensure that the server is repaired as quickly as possible.
4.3 Security
The data centers used by Wimi have maximum physical security. All local access is strictly controlled. To protect against intrusions and potential risk, the data centers are protected by barbed wire fences. Motion detectors and video surveillance systems are also in constant use. Activity outside of the data center buildings is controlled and registered on secure servers, and a surveillance team is on site 24/7.
4.4 Access and Policies Employed
The number of Wimi employees that have access to the infrastructure is extremely limited. Those that have access must sign a specific confidentiality agreement and agree to a confidentiality clause under their employment contract.
All access to the Wimi infrastructure is controlled and monitored, and takes place over a VPN: only certain predefined IPs are authorized to establish a tunnel (white list of IP addresses), with the help of an RSA 4096 key.
This communication tunnel is encrypted with AES-256-CBC and hashed with SHA-512.
Administrators must then authenticate over SSH with their private key (ED25519 or ECDSA), which is protected by a passphrase.
5. Product Characteristics
5.1 Functionalities and administrative management
Wimi offers companies centralized control over user accounts (creation, deactivation, or deletion); and each user password can be reset by a Wimi administrator. In the application, any workspace and associated access rights can be accessed, managed, and deleted by the administrators.
5.2 User management features
Wimi allows full access control of each workspace thanks to a flexible authorization system.
On the workspace, access rights management is done by modules (channel, documents, tasks, calendar, activities, and reports) and by participant with 3 levels of authorization: read only, read and modify, and access denied.
Additional access rights management allows the accessibility of certain folders and sub-folders to be limited to only specific users in that workspace.
Regarding files, users can retrieve historic versions of each file for up to 15 previous versions.
6. Privacy
Wimi has an extremely high level of respect for the legal and regulatory framework linked to the protection of the personal data of its users.