The following operational practices are observed and followed by the DigiGo EMI Locker (formerly Digigo Locker ) DevOps and SysAdmin team to manage our cloud infrastructure:
-
Only designated DevOps and System Administrators have access to production servers. No other employees have access to production systems.
-
Each SSH login incident is logged and reported in the management console in real-time.
-
SSH login is secured with public/private key which is an industry standard.
-
Some critical systems are protected using 2FA (2 Factor Authentication).
-
Firewall policies block all ports but 80 (HTTP) and 443(HTTPS), also there is restriction about incoming and outgoing traffic. All access is logged and monitored.
-
We routinely apply OS Security patches as and when they are available (in some cases it may require some downtime)
-
TLS is enforced in all communication across data centers.
