User Guide
Security
At Sitegurus, the security of your data is our top priority. We employ various measures to ensure your data remains safe and protected.
Data Encryption
All data handled by Sitegurus Protect is encrypted using industry-standard encryption techniques to protect it from unauthorized access.
- Encryption at Rest: All data stored in Github is encrypted using AES-256 encryption.
- Encryption in Transit: Data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security).
Authentication and Authorization
We use robust authentication and authorization mechanisms to ensure that only authorized users can access your data.
- GitHub Authentication: Users authenticate using their GitHub accounts. We never store your GitHub password.
- Siteglide Authentication: Users authenticate using their Siteglide credentials. We use secure token-based authentication for session management.
- OAuth 2.0: We use OAuth 2.0 to securely connect to GitHub and Siteglide, ensuring that your credentials are never exposed to our servers.
Access Controls
We enforce strict access controls to ensure that only authorized personnel have access to your data.
- Role-Based Access: We use role-based access controls to restrict access based on the user's role within your organization.
- Least Privilege Principle: Users are granted the minimum level of access necessary to perform their tasks.
- Access Auditing: All access to data is logged and monitored to detect and respond to unauthorized access attempts.
Data Backup and Recovery
We implement regular backups and provide mechanisms for data recovery to protect against data loss.
- Regular Backups: Data is backed up regularly to ensure that it can be recovered in case of accidental deletion or corruption.
- Disaster Recovery: We have a comprehensive disaster recovery plan in place to ensure data availability in case of a major incident.
Application Security
We follow best practices for application security to protect against vulnerabilities and threats.
- Secure Development Lifecycle: Security is integrated into every stage of our development process.
- Regular Security Testing: We conduct regular security testing, including penetration testing and vulnerability scanning.
- Patch Management: We promptly apply security patches and updates to all our systems and applications.
Compliance
We comply with relevant laws and regulations to ensure the protection of your data.
- GDPR: We comply with the General Data Protection Regulation (GDPR) to protect the privacy and personal data of EU citizens.
- Data Protection Policies: Our data protection policies are designed to comply with applicable laws and regulations.
Incident Response
We have a well-defined incident response plan to handle security incidents effectively.
- Incident Detection: We use advanced monitoring tools to detect security incidents in real time.
- Incident Response: Our incident response team is trained to respond quickly and effectively to security incidents.
- Post-Incident Review: We conduct post-incident reviews to learn from incidents and improve our security posture.
Contact Us
If you have any questions or concerns about the security of your data, please contact our security team at security@sitegurus.io.