About data privacy
One of the most popular questions asked to our managers is: "How does ST-Mobi.com ensure data security?
Evgeniy Chestnov, Director of the service, explained all the technical components.
Data transmission and encryption scheme in ST-Mobi.com
ST-Mobi.com server is the central unit - it is connected with the accounting system, mobile devices of field employees and the user browser of the office part.
How is the data channel encrypted?
All work with ST-Mobi.com servers is conducted using secure protocols. Servers with databases are inaccessible outside the data center and access to them is allowed only from one IP address. All passwords are stored in encrypted form. The databases are isolated from each other and reside on different servers. Application servers and databases run in isolated environments, in a virtual private network, and are not directly accessible via the Internet. Developer access is provided through two-stage authorization: the first stage is creating an encrypted ssh tunnel with authorization through the LDAP directory service, the second stage is authorization of connection to the database by means of DBMS.
Is the full data backup performed?
The databases are backed up daily, the backup copies are stored in a separate Data Center. Data changes are constantly replicated to a separate server in a separate Data Center via a secure tunneled connection.
Who has access to the data?
Only the users of the service have access to your data. We do not use your data for personal purposes and do not provide it to third parties.
We store passwords in hashed form, which we cannot decrypt. Only the person who entered the password knows it. Therefore, we cannot remind a user of their current password. Managing users and accesses in the system is part of the overall security management process for each client according to their security policy. I would like to point out that it is possible to enable additional protection in the form of a pin code on the phone during authorization in the "ST Mobile Commerce" application.
Where are the servers of ST-Mobi.com?
Our servers are located in data centers. Their percentage of fault tolerance is 99.9%.
We provide each client with an opportunity to conclude a data confidentiality agreement.
If you still have any questions or want to familiarize yourself with the agreement - contact your personal manager.
* Tunneling in computer networks is a process that creates a secure logical connection between two endpoints by encapsulating various protocols. Tunneling is a networking method in which one network protocol is encapsulated in another protocol