Technical Documents

Technical Documents and Information for Prospective Clients

This page provides clients and prospective clients with information about policies at Jay Beaton Consulting LLC (JBC) and links to various documents.

Hosting of SRE.college Websites

SRE.college websites are hosted with Platform.sh, a continuous-deployment, cloud hosting solution for web applications. Security features at Platform.sh include:

  • Encryption - Data in transit between the outside world and Platform.sh is always encrypted, because all of the sites and tools that Platform.sh supports and maintains require TLS or SSH for access.
  • Service isolation - Each site is deployed in its own LXC container, protected by network firewalls.
  • Protective block - The Platform.sh service has a protective blocking feature that can restrict access to web sites with known security vulnerabilities, preventing their exploitation.
  • Read-only file system - Every application is deployed to a read-only file system, helping to prevent many attacks on application code.

Backups

Daily backups of SRE sites are taken to safeguard custom data. These backups are retained for at least 7 days, and will be purged between 7 days and 6 months.

Business Continuity and Disaster Recovery

JBC is a cloud-based company with all employees and contractors working from home. Source code for all projects is stored in Git repositories hosted by cloud-based providers, and hosting of all websites is done by cloud-based hosts. Given this setup, JBC will be able to respond quickly to any incident. If required, we will be able to move a website away from an affected host server to a new one.

Accessibility

The Muser installation profile that SRE.college sites use is built from the ground up with accessibility in mind. We aim to meet or exceed WCAG 2.0 AA requirements, and through this, Section 508 requirements.

VPAT 2.5 508

Accessibility issues can be reported in our public a11y-issues repository on GitHub.

End-of-life and Data-sanitization

Data deletion is handled via the backend providers used by Platform.sh.

When a volume is released back to the provider, the provider will perform a wipe on the data utilizing either NIST 800-88 or DoD 5220.22-M depending upon the offering. This wipe is done immediately before reuse.

Incident Response Plan

If an incident occurs, JBC will quickly work with our hosting providers to limit the impact. We will have access to application and server logs to help us investigate the cause and respond properly.

HECVAT

We can provide our HECVAT document upon request.