- Cloud: The RADAR system is hosted on a physically isolated server at a Tier III and ISO 27001 certified data center operated by STRATO AG. The employed facilities are located in a secure and secret location in Germany with 24/7 monitoring and physical access control.
- On-premise: RADAR can be securely deployed on a client's in-house server infrastructure, allowing the client to comply with established corporate security standards and policies.
- Application development, testing and staging environments are physically and logically segregated from the production environment, ensuring that no actual user data is used in development or testing.
- The production environment is accessible to a strictly limited number of authorized DevOps engineers. RADAR support and maintenance teams can only access user account data upon a specific client request.
- Our internal quality assurance department continuously performs both static and dynamic analysis to review and test the RADAR code base for bugs and security vulnerabilities.
- Targeted application-level and infrastructure-level penetration tests and audits are regularly conducted by third-party security experts.
Each client account has a dedicated database instance that is physically and logically separated from the rest, ensuring no visibility to other tenants and preventing data corruption and intersections between different client accounts.
Authentication
- RADAR is protected against brute force login attacks and operates a strict credential policy that requires users to employ strong and original passwords.
- All user passwords are processed using hash functions and stored in a non-human-readable format.
- Every account login attempt is recorded in a detailed access log to detect signs of suspicious activity and prevent intrusion.
Role-based access permissions
To protect against insider threats, users with owner and admin rights are provided with fine-grained role-based access control mechanisms helping to ensure that other users can only view and edit the data they are allowed to on an individual level.
Data encryption
All data sent between users and the RADAR application is encrypted in transit over public networks via HTTPS using Transport Layer Security (TLS). This also applies to all login pages.
Data backup and redundancy
- Account data is fully backed up daily, following a strict backup regime.
- To avoid a single point of failure, the employed data center facilities have multiple levels of redundancy built in, including a fault-tolerant power supply, modern fire protection, detection and suppression systems, and independently dual-powered cooling equipment.