Compliance & Security
A core challenge that StationOne solves is providing a secure way to connect and interact with multiple data repositories.
Integration can be achieved by a variety of methods, preferably via API.
The StationOne platform follows a decoupled design, where the user-facing interfaces are centrally hosted and store no data. There is only ever a single production instance of the StationOne application.
Databases can be provided by the vendor as part of the deployment, or on-premise databases may be used.
Auditing
StationOne is audited against ISO27K, the international standard for managing the risks relating to various types of information such as customer data, intellectual property, financial systems and personal data.
The platform is regularly scanned for vulnerabilities, alongside automated scanning for OWASP and CVE.
Infrastructure
StationOne is a serverless application; as such, no operating systems or servers are involved in the deployment or hosting of the platform.
Cloud Data Stores are used where the end user does not provide a database. These may be hosted on AWS or Azure.
The StationOne platform is designed to function with PostgreSQL.
Data in Transit
StationOne APIs and static resources are served over HTTPS only.
Supported Protocols
TLS v1.2
TLS v1.3
Supported Ciphers
EECDH+AESGCM
EDH+AESGCM
AES256+EECDH
AES256+EDH
Unique Diffie-Hellman parameters are generated for each new deployment.
SSL certificates can be provided and signed by your internal CA or generated by fireHouse Labs and signed by Let’s Encrypt.
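To check an endpoint against the protocol and cipher lists above, the following added example (not StationOne or fireHouse Labs code) builds a client that offers only those settings and audits what was negotiated. It assumes the listed entries are OpenSSL cipher-list keywords joined with `:`; the function names are hypothetical.

```python
import socket
import ssl

# The page's "Supported Ciphers" entries joined with ':' (assumed to be
# OpenSSL cipher-list keywords; the page does not name the TLS library).
PAGE_CIPHERS = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"
ALLOWED_VERSIONS = {"TLSv1.2", "TLSv1.3"}   # the page's "Supported Protocols"

def build_context():
    """Client context that offers only what the page lists."""
    ctx = ssl.create_default_context()        # keeps cert + hostname checks on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = ssl.TLSVersion.TLSv1_3
    ctx.set_ciphers(PAGE_CIPHERS)             # governs TLS 1.2 suites only
    return ctx

def is_aead(suite):
    """True for AEAD suites; TLS 1.3 names (TLS_*) are always AEAD."""
    return suite.startswith("TLS_") or any(
        tag in suite for tag in ("GCM", "CCM", "CHACHA20"))

def expand(ctx):
    """Suite names the local OpenSSL build derives from the cipher string."""
    return [c["name"] for c in ctx.get_ciphers()]

def audit(version, suite, offered):
    """Findings for one negotiated connection; empty list means compliant."""
    findings = []
    if version not in ALLOWED_VERSIONS:
        findings.append(f"protocol {version} not in supported list")
    if suite not in offered:
        findings.append(f"suite {suite} outside the listed cipher string")
    elif not is_aead(suite):
        # AES256+EECDH / AES256+EDH also match CBC-mode suites, not only GCM.
        findings.append(f"suite {suite} is CBC-mode, not AEAD")
    return findings

def probe(host, port=443):
    """Handshake with a deployment you operate and audit the result."""
    ctx = build_context()
    with socket.create_connection((host, port), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return audit(tls.version(), tls.cipher()[0], expand(ctx))

if __name__ == "__main__":
    for name in expand(build_context()):
        print(("AEAD " if is_aead(name) else "CBC  ") + name)
```

Running the file prints the suites the local OpenSSL build derives from the cipher string; `probe("your-deployment-host")` audits a live handshake.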
Data at Rest
Minimal configuration information is stored on disk as part of the platform infrastructure.
All platform settings support encryption via AES256-GCM.
All data at rest in the database is encrypted and implements row level security controls.
Authentication
All API requests use short-lived Auth tokens obtained via OAuth2.
Authentication for token creation takes place via an external identity service (SSO).
Options include SAML2 and OAuth2.
No components store or have access to SSO user credentials at any point during authentication.
In cases where an external identity provider is not available (dev / staging environments), local role-based accounts may be created.
Credentials for these are encrypted using crypt (256-bit AES using GCM ciphers) prior to storage.
No “default” passwords exist for these.
Privacy
No information is ever transmitted externally by the platform.
Default deployment configurations do not include any remote telemetry, data collection or remote components.