GRAVITY interacts with the HTML tags in your application's DOM tree. It never programmatically accesses any of the data below. We guarantee by contract that the data we see is never accessed by our code. You may verify this on your own by inspecting our JavaScript code in your browser. This means we never work with any of your business-critical data. The questions and answers below talk about GRAVITY content (data): by this we mean content a content owner created, not your business-critical assets, as we do not see or work with them. From a technical standpoint, our approach involves the calculation and storage of jQuery selectors, specifically from the BODY to the target element, utilizing the text() function solely for the target element. It's important to note that only the text of the target element and its descendants has the potential to be stored in our database, depending on how the application is constructed. Conversely, any text stemming from a form input will be disregarded, as inputs and scripts are not compatible with this function.
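To make the selector-path approach concrete, here is an added example (not GRAVITY's own code) that computes a jQuery-style path from BODY to a target element and collects the target's text the way text() would. It runs under Node against a small constructed DOM stand-in (the `el` helper and the sample page are assumptions, not real application markup) and shows why the value a user typed into an input never appears: the value lives in an attribute, not in a text node.

```javascript
// Added example, not GRAVITY's code: selector path from BODY to a target plus
// the target's text, on a constructed minimal DOM (no browser or jQuery needed).

// Minimal element: tag, attributes, children (elements or text strings).
function el(tag, attrs, ...children) {
  const node = { tag: tag.toUpperCase(), attrs: attrs || {}, children: [], parent: null };
  for (const c of children) {
    if (typeof c === 'string') node.children.push({ text: c, parent: node });
    else { c.parent = node; node.children.push(c); }
  }
  return node;
}

// jQuery-style path "body > div:nth-child(2) > ..." from BODY down to target.
// An id, when present, anchors the path and keeps it short and stable.
function selectorPath(target) {
  const parts = [];
  for (let node = target; node && node.tag !== 'BODY'; node = node.parent) {
    if (node.attrs.id) { parts.unshift(`#${node.attrs.id}`); break; }
    const siblings = node.parent.children.filter(c => c.tag);   // elements only
    const index = siblings.indexOf(node) + 1;                   // nth-child is 1-based
    parts.unshift(`${node.tag.toLowerCase()}:nth-child(${index})`);
  }
  if (parts.length === 0 || !parts[0].startsWith('#')) parts.unshift('body');
  return parts.join(' > ');
}

// text(): concatenate the text nodes of the element and its descendants.
// An <input>'s current value is an attribute/property, not a text node, so it
// is never part of the result; script bodies are skipped here on purpose.
function textOf(node) {
  if (node.text !== undefined) return node.text;
  if (node.tag === 'SCRIPT') return '';
  return node.children.map(textOf).join('');
}

// Everything that would be stored for a target: the selector and the text.
function capture(target) {
  return { selector: selectorPath(target), text: textOf(target) };
}

// Constructed sample page (assumption): heading, a form with a filled-in
// input, and an inline script. Returns the nodes so callers can inspect them.
function buildSamplePage() {
  const input = el('input', { type: 'text', value: 'account-4711' });
  const label = el('label', {}, 'Account number');
  const form = el('form', { id: 'transfer' }, label, input);
  const title = el('h1', {}, 'Transfer');
  const script = el('script', {}, 'var secret = 1;');
  const body = el('body', {}, title, el('div', {}, form, script));
  return { body, title, form, label, input };
}

const page = buildSamplePage();
console.log(capture(page.label));   // { selector: '#transfer > label:nth-child(1)', text: 'Account number' }
console.log(capture(page.title));   // { selector: 'body > h1:nth-child(1)', text: 'Transfer' }
console.log(capture(page.form));    // text is 'Account number' only: the input value is absent
```

The stored text of the form is the label alone; neither the input's value nor the script body reaches `capture`, which is the property a reviewer would want to confirm when inspecting the script in the browser.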
Security and privacy are a ‘major topic’ for Gravity Global AG, mainly because we sell our products to banks and infrastructure companies and have to pass their security reviews. Therefore, we code to be compliant with the EU’s GDPR and take great care of the vulnerability of the web app’s API as well as the scripts we run in the client’s browsers.
Security is part of our ISO 29119 based software testing standard. All testing protocols for the installed versions of GRAVITY can be requested for internal review by any customer.
The only data GRAVITY collects about a user is their email address and their learning progress. No other personal data is collected (not even a name or a number [of course the email may contain the name or parts of it]). Keep in mind that GRAVITY is an additional layer and therefore has no access to production data itself.
Hosted GRAVITY instances are single-tenant installations, running in isolated K8s containers. Access to any data is possible through the admin interface. The access configuration for the admin site is set up as part of the setup process. Normally Gravity Global AG employees have a dedicated admin user during the initial setup and configuration process. After that period, such admin users get deleted, and the customer's admin access accounts are protected by a second factor. After that, absolutely no data can be seen or decoded by anyone except the customer itself.
This depends on your hosting type:
Variant | Residency (all envs) | Company control over location |
---|---|---|
On Premise | The customer company | Yes |
Microsoft Azure | By choice, but within the EU | No |
OpsOne | Switzerland | No; within Swiss boundaries. |
OpsOne - EU | Germany | No; within German boundaries. |
This depends on your hosting type:
On premise: yes. Swisscom Application Cloud: yes. OpsOne: yes. Azure: subject to research.
Gravity Global AG does not yet hold such a certification.
The infrastructure we currently use is protected by OpsOne (application security scanner; but this also depends on your hosting type). As written above, when hosting the application yourself on premise you are responsible for a large part of the security yourself.
The application itself uses HTTPS, salted password hashes and HTTP-only cookies to ensure authentication and authorisation.
Users can be expelled anytime.
In transit: HTTPS is used for transit and only hashed passwords are transmitted. Authenticated users are identified by an HTTP-only cookie.
At rest: in our case OpsOne encrypts the data and keeps it safe (Linux Unified Key Setup, LUKS). On premise: data safety cannot be guaranteed by Gravity Global AG or its cloud providers.
No, the URLs are SHA-256 hashed and never seen in plain text.
Dependencies (with some exceptions in the inject script, where we use a fork of jQuery) are kept up to date firstly by the development team and secondly by Maven and our CI pipeline. As our software testing standard we use ISO 29119. On all major releases, we let a Swiss security company conduct penetration tests against our services and code. The latest penetration test reports will be sent to any interested parties after the appropriate NDA is in place.
Yes. Depending on your chosen level of integration, passwords are stored SHA-256 hashed and salted in the GRAVITY database (where that database lives depends again on question 1). You can manage all of that in the admin backend we also provide.
Please note that if we build your SSO, the password/token setup needs to be engineered.
Yes - see configuration
Available through cloud provider’s service offering.
Depends on hosting choice. On premise you are responsible for your servers. Different cloud providers offer SLAs for partners and customers, which we would acquire on the customer's behalf (paid by the customer). Microsoft Azure has different subscriptions to choose from. Since GRAVITY is not business critical and does not interfere with daily business, cheaper plans are advised.
No.
Data-rollback: Yes.
Data-Deletion: Depends on hosting choice. Available through cloud provider’s service offering.
Data-retention: Depends on hosting choice. Available through cloud provider’s service offering.
We are GDPR compliant: we collect no personal data besides the email address. We state this in our wiki and at the top, but here is an excerpt:
Data | Lawful basis | How is consent collected? | Can consent be revoked? | Individual rights |
---|---|---|---|---|
E-Mail address | We need an identifier for a user to ensure they are part of the domain our client uses. We use the employees' work e-mail addresses to onboard them into the client's GRAVITY configuration. | The client (e.g. Company XY, the user's employer) gives consent for all its users. | No, the client gives consent for the user. | Right of access, right to be informed, right of erasure, right of rectification, right to object, right not to be subject to automated decision-making, right to data portability |
Yes, check it at GRAVITY overview.
None. Check our GRAVITY overview to understand how GRAVITY works. If you choose the hosting option On Premise there will be JavaScript files inside your data center, but 99.99999% not on the same server as your application.
Employees: this is guaranteed at contract level between you (the customer) and Gravity Global AG.
Code: our code is peer reviewed (and pentested by Info Guard) and can be inspected in your browser for maximum transparency. We also ensure with our backend that no XSS, CORS misconfiguration, SQL injection or similar is possible.
Detailed plugin descriptions are available at: Browser Extensions
There are only two things stored in the plugin's local storage: a TTL and a URL.
See the aforementioned answer. Data is stored in the plugin's local storage as long as the TTL hasn't expired.
The plugin itself can access the TTL and URL on every page change until the TTL has expired. Afterwards it refreshes/updates the URL from the backend.
The plugin will only be installed on the clients and not on the server.
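The TTL-and-URL behaviour described in the three answers above is shown in this added example, which is not the GRAVITY extension's code. Storage and clock are injected so it runs under Node (in an extension they would be the browser's extension storage and `Date.now()`); the storage key `gravity`, the backend call and the 60 s TTL are assumptions. A stored entry that is malformed is treated as expired, so the plugin never hands out a value it cannot validate.

```javascript
// Added example, not the extension's code: a two-field cache (url, expiresAt)
// with TTL expiry and refresh from the backend, with injected storage and clock.
const STORAGE_KEY = 'gravity';    // assumed key, not from the page

function createUrlCache({ storage, now, fetchUrl, ttlMs }) {
  // storage:  { get(key) -> value | undefined, set(key, value) }  (constructed interface)
  // fetchUrl: () -> string, asks the backend for the current URL (synchronous
  //           here for the example; an extension would await a fetch instead)
  function isValid(entry) {
    return entry !== undefined && entry !== null
      && typeof entry.url === 'string' && entry.url.length > 0
      && Number.isFinite(entry.expiresAt) && now() < entry.expiresAt;
  }

  function getUrl() {
    const cached = storage.get(STORAGE_KEY);
    if (isValid(cached)) {
      return { url: cached.url, fromCache: true };   // TTL still valid: no backend call
    }
    const url = fetchUrl();                          // expired, missing or malformed
    storage.set(STORAGE_KEY, { url, expiresAt: now() + ttlMs });
    return { url, fromCache: false };
  }

  function clear() { storage.set(STORAGE_KEY, undefined); }
  return { getUrl, clear };
}

// Constructed harness: in-memory storage, fake clock, counted backend calls.
function makeHarness(initialEntry) {
  const map = new Map();
  if (initialEntry !== undefined) map.set(STORAGE_KEY, initialEntry);
  const state = { clock: 1_000_000, backendCalls: 0 };
  const storage = { get: k => map.get(k), set: (k, v) => map.set(k, v) };
  const fetchUrl = () => {
    state.backendCalls += 1;
    return `https://backend.example/content/v${state.backendCalls}`;   // constructed URL
  };
  const cache = createUrlCache({ storage, now: () => state.clock, fetchUrl, ttlMs: 60_000 });
  return { cache, state };
}

// Cold start, a hit inside the TTL, then a refresh after the TTL has passed.
function runScenario() {
  const { cache, state } = makeHarness();
  const first = cache.getUrl();      // nothing stored: backend call #1
  state.clock += 30_000;
  const second = cache.getUrl();     // 30 s later: still within TTL, served from storage
  state.clock += 31_000;             // 61 s after the store: expired
  const third = cache.getUrl();      // backend call #2, new entry stored
  return { first, second, third, backendCalls: state.backendCalls };
}

// A malformed entry (e.g. tampered or from an older plugin version) is ignored.
function handlesMalformedEntry() {
  const { cache, state } = makeHarness({ url: 42, expiresAt: 'never' });
  const result = cache.getUrl();
  return result.fromCache === false && state.backendCalls === 1;
}

console.log(runScenario());
console.log(handlesMalformedEntry());   // true
```

The TTL bounds how long a stale or replaced URL can keep being used on the client, which is the property an admin would want to know when rotating the backend URL.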
Detailed plugin descriptions are available at: Browser Extensions
The GRAVITY-Web-App provides a server log and an audit trail covering all actions that are database- or user-content-driven. These logs can be reviewed by the admin user of GRAVITY. From a front-end perspective, we don’t do any completeness checks. But we make sure that only authorized users/tokens can read/write against the GRAVITY-Web-App-API. Also, the GRAVITY-Web-App makes sure that certain data is cleansed before it is stored (the data cleansing mainly takes place to remove trailing whitespace in form fields and/or URLs). The communication between the GRAVITY-Web-App and the database is based on standard protocols and languages (the transport security is managed by the hosting provider).
Yes. In on-premise environments private CAs are sometimes used. GRAVITY has a mechanism to import private certificates into deployed .jar files and Docker containers. (More information)
Yes. OpsOne uses ModSecurity for additional protection against application-level attacks such as cross-site scripting and SQL injection. By default, the Core Rule Set is loaded, which blocks common vulnerabilities and zero-day attacks by adding some more global rules. Gravity Global AG will configure additional settings in accordance with the GRAVITY configuration and the customer's requests.
Yes. When we build our software we scan the built containers with Harbor. The containers are scanned with Trivy.
Regarding hosting infrastructure, we work with OpsOne AG in Zurich. OpsOne manages the Kubernetes infrastructure, storage, and backup for us. The hardware is housed within NTT’s Zurich 1 Data Center, with the backup location DATAROCK in Nottwil (LU). For European hosting the hardware is housed in the NTT Rechenzentrum Frankfurt 1, with the backup location in Data Center Park Nürnberg.
OpsOne AG is ISO/IEC-27001:2013 certified and member of "Swiss Hosting".