We are constantly confronted with the same security, protection and safety questions. The Q&A below addresses all the cases we heard.
Please note, beforehand:
GRAVITY interacts with the HTML tags in your application's DOM tree. It never programmatically accesses any of the data below. We guarantee by contract that the data we see is never accessed by our code. You may verify this yourself by inspecting our JavaScript code in your browser. This means we never work with any of your business-critical data. The questions and answers below talk about GRAVITY content (data): by that we mean content a content owner created, not your business-critical assets, as we do not see or work with them.
If you decide to host our backend on premise, physical protection, firewall configuration, server security and all other aspects of the on-premise installation are naturally out of our hands. We are happy to help you but cannot guarantee the safety of the server in your data center.
Security and privacy are a ‘major topic’ for Gravity Global AG, mainly because we sell our products to banks and infrastructure companies and have to pass their security reviews. Therefore, we code to be compliant with the EU’s GDPR and take great care over vulnerabilities in the web app’s API as well as in the scripts we run in the client’s browser.
Security is part of our ISO 29119 based software testing standard. All testing protocols for the installed versions of GRAVITY can be requested for internal review by any customer.
The only data GRAVITY collects about a user is their email address and their learning progress. No other personal data is collected (not even a name or a number, although of course the email address may contain the name or parts of it). Keep in mind that GRAVITY is an additional layer and therefore has no access to production data itself.
This depends on your hosting type:
Variant | Residency (all envs) | Company control over location |
---|---|---|
On Premise | The customer company | Yes |
Swisscom Application Cloud | Switzerland | 50:50. Within Swiss boundaries guaranteed by Swisscom Schweiz AG |
Microsoft Azure | By Choice, but EU | No |
OpsOne | Switzerland | No! Within Swiss boundaries guaranteed by OpsOne AG |
This depends on your hosting type:
On premise, yes; in the Swisscom Application Cloud, too. Azure is subject to research.
Gravity Global AG does not yet hold such a certification.
The infrastructure we currently use is protected by Swisscom (but this also depends on your hosting type). As written at the top, when you host the application yourself on premise, you are responsible for a large part of the security yourself.
The application itself uses HTTPS, salted and hashed passwords and HTTP-only cookies to ensure authentication and authorisation.
Users can be expelled anytime.
In transit: HTTPS is used, and only hashed passwords are transmitted. Authenticated users are identified by an HTTP-only cookie.
At rest: in our case Swisscom encrypts the data and keeps it safe. On premise: data safety cannot be guaranteed by Gravity Global AG or its cloud providers.
No, the URLs are SHA-256 hashed and are never seen in plain text.
As a startup, we currently rely on code reviews by our Minsk development team. Our investor also undertook security audits when accepting our latest version. Dependencies (with some exceptions in the inject script, where we use a fork of jQuery) are kept up to date, firstly by the team and secondly by Maven and our CI pipeline. As our software testing standard we use ISO 29119.
Yes. Depending on your chosen level of integration, passwords are stored SHA-256 hashed and salted in the GRAVITY database (where that database lives depends again on question 1). You can manage all of that in the admin backend we also provide.
Please note that if we were to build your SSO, the password/token setup would need to be engineered.
Resources to build it are available at the customer’s cost (since the solution is proprietary and not yet supported by GRAVITY).
Available through cloud provider’s service offering.
Depends on the hosting choice. On premise, you are responsible for your servers. The Swisscom Application Cloud offers SLAs for partners and customers, which we would acquire on the customer’s behalf (paid by the customer). Microsoft Azure has different subscriptions to choose from. Since GRAVITY is not business critical and does not interfere with daily business, cheaper plans are advised.
No.
Data-rollback: Yes.
Data-Deletion: Depends on hosting choice. Available through cloud provider’s service offering.
Data-retention: Depends on hosting choice. Available through cloud provider’s service offering.
We are GDPR compliant: we collect no personal data besides the email address. We state this in our wiki and at the top, but here is an excerpt:
Data | Lawful basis | How is consent collected? | Can consent be revoked? | Individual rights |
---|---|---|---|---|
E-Mail address | We need an identifier for a user to ensure they are part of the domain our client uses. We use the working e-mail address of employees to onboard them into the client's GRAVITY configuration. | The client (e.g. Company XY, the user's employer) gives consent for all its users. | No, the client gives consent for the user. | Right of access; right to be informed; right of erasure; right of rectification; right to object; right not to be subject to automated decision-making; right to data portability |
Yes, check it at Gravity overview.
None. Check our Gravity overview to understand how GRAVITY works. If you choose the On Premise hosting option there will be JavaScript files inside your data center, but 99.99999% not on the same server as your application.
Employees: This is guaranteed on contract level between you (the customer) and Gravity Global AG.
Code: Our code is peer reviewed (and pentested by Info Guard) and can be inspected in your browser for maximum transparency. We also ensure in our backend that no XSS, CORS, SQL injection or similar attack is possible.
Detailed plugin descriptions are available at: Plugin Version 2.x
There are only two things stored within the plugin's local storage: a TTL and a URL.
See the previous answer. Data is stored in the plugin's local storage as long as the TTL hasn't expired.
The plugin itself can access the TTL and URL on every page change until the TTL has expired. Afterwards it refreshes/updates the URL on the backend.
The plugin is only installed on the clients, not on the server.
Detailed plugin descriptions are available at: Plugin Version 2.x
The GRAVITY web app provides a server log and an audit trail covering all actions that are driven by database or user content. These logs can be reviewed by the GRAVITY admin user. From a front-end perspective, we don’t do any completeness checks, but we make sure that only authorized users/tokens can read from or write to the GRAVITY web app API. The GRAVITY web app also makes sure that certain data is cleansed before it is stored (the cleansing mainly removes trailing whitespace at the end of form fields and/or in URLs). The communication between the GRAVITY web app and the database is based on standard protocols and languages (transport security is managed by the hosting provider).
Yes. In on-premise environments, private CAs are sometimes used. GRAVITY has a mechanism to import private certificates into the deployed .jar files and Docker containers. (More information)