Security
GET Information Technology GmbH (also “GET IT”), the developer of Radar, strives to provide a safe and reliable service to all users.
The security of your data is our priority. We use cutting-edge security features to give you complete confidence in our service.
Flexible deployment
Cloud
The Radar system is hosted on a physically isolated server at a Tier III and ISO 27001 certified data center operated by STRATO AG. The employed facilities are located in a secure and secret location in Germany with 24/7 monitoring and physical access control.
On-premise
Radar can be securely deployed on a client’s in-house server infrastructure, allowing the client to comply with established corporate security standards and policies.
Separate environments
Application development, testing and staging environments are physically and logically segregated from the production environment, ensuring that no actual user data is used in development or testing.
The production environment is accessible to a strictly limited number of authorized DevOps engineers. The Radar support and maintenance teams can only access user account data upon a specific client request.
Security testing
Our internal quality assurance department continuously performs both static and dynamic analysis to review and test the Radar code base for bugs and security vulnerabilities.
Targeted application-level and infrastructure-level penetration tests and audits are regularly conducted by third-party security experts.
Multi-tenant architecture
Each client account has a dedicated database instance that is physically and logically separated from the rest, ensuring no visibility to other tenants and preventing data corruption and intersections between different client accounts.
Authentication
Radar is protected against brute force login attacks and operates a strict credential policy that requires users to employ strong and original passwords. All user passwords are processed using hash functions and stored in non-human-readable format.
Alternatively, users can authenticate with single sign-on (SSO), using a set of external login credentials. Every account login attempt is recorded in a detailed access log to detect signs of suspicious activity and prevent intrusion.
Role-based access permissions
To protect against insider threats, users with owner and admin rights are provided with fine-grained role-based access control mechanisms that help ensure other users can view and edit only the data they are individually allowed to.
Data encryption
All data sent between users and the Radar application is encrypted in transit over public networks via HTTPS using Transport Layer Security (TLS). This also applies to all login pages.
GDPR compliance
As a company that serves users in the European Union, we are fully compliant with the General Data Protection Regulation (GDPR), which essentially allows all our clients to benefit from high data privacy standards. For more information on our privacy practices, please see our Privacy Policy.
Data backup and redundancy
Account data is fully backed up daily, following a strict backup regime. To avoid a single point of failure, the employed data center facilities have multiple levels of redundancy built in, including a fault-tolerant power supply, modern fire protection, detection and suppression systems, and independently dual-powered cooling equipment.