DSpaceDirect Resources
DSpaceDirect Website
DSpaceDirect Demo Site
DSpace Resources
DSpace Website
DSpace Documentation
DSpace Wiki
DSpaceDirect KnowledgeBase
Page History
...
| Info |
|---|
This page consists of common security related questions pertaining to the DSpaceDirect hosted service. If you have additional questions not answered below, please contact support@dspacedirect.org |
| Table of Contents |
|---|
What data center do you use for DSpaceDirect? What security documentation do they provide?
Security Monitoring
DSpaceDirect provides the following security-focused monitoring:
- Scheduled and automated updates and patch deployment for the hosted operating system and system applications on DSpaceDirect servers
- Continual monitoring for DSpaceDirect service availability, with notifications sent to administrators in the event that the service is experiencing an outage. Outages, whether due to system or application failure or external attack are resolved as quickly as possible by administrative staff.
- Use of SSH intrusion prevention software on all DSpaceDirect servers
- On-going review of known exploits which may affect DSpaceDirect services followed, as needed, by manual patching and updates to limit exposure
- Monitoring for notifications from customers of DSpaceDirect failures, outages, or issues via the ZenDesk support system. Issue tickets are resolved by administrative staff.
- Monitoring of the DSpace technical community discussions for discovered security vulnerabilities. Discoveries of a security vulnerability are followed by coordination of development effort to fix the vulnerability for DSpace and integration of the fix into the deployed DSpaceDirect service.
- Community-based updates to DSpace software testing suites, which run automatically as part of the software build and release cycle, along with community-based manual system testing, coordinated by the release manager, as part of every major software release.
Data Centers and Security Compliance
We use Amazon Web Services (AWS) as our is the data center for DSpaceDirect. AWS provides very detailed documentation on their security compliance:
- AWS Security documentation: https://aws.amazon.com/security/
- AWS Compliance documentation: https://aws.amazon.com/compliance/
- AWS Whitepapers (some of which are security related): https://aws.amazon.com/whitepapers/
Is your data center SOC certified?
SOC Certification
Yes. The data center we use for DSpaceDirect is AWS (Amazon Web Services). It is SOC certified. See: https://aws.amazon.com/compliance/soc-faqs/
...
ISO
...
Certifications (e.g. ISO 27001)
...
DuraSpace / DSpaceDirect does not have any independent ISO certifications. However, AWS (Amazon Web Services), which provides our data center, is ISO 27001 certified. See: https://aws.amazon.com/compliance/iso-27001-faqs/
...
Authorization / authentication
...
Support
We support all authorization/authentication plugins that are available in out-of-the-box DSpace. Currently (as of DSpace 6), those include:
...
Overview
Content Tools