Articles on: Compliance and Security

Availability & Continuity

Logging and Backups



Logging is per agreement with the customer. Juristic may, for example, connect tools that used for aggregation and analysis of how users use the system, including for troubleshooting etc.

Juristic works with two types of operating environments depending on the size of the customer. Per agreement with Enterprise customers, our platform can be set up in a separate operational environment which can only be accessed by this customer. Separate accounts will be created to minimise access to separate environments. Both protocols and logs can be provided to the customer regarding queries and access to databases and servers.

If no separate agreement is concluded, database and application servers in the general operating environment may be accessed more often but only to ensure uptime and minimise errors.

In the general operating environment, as mentioned above, a "least privileges" principle is applied, so only employees who have a job function that depends on this data will have access to it.

The database instance is automatically backed up every day around 01.00 CET, which ensures that any errors or outages in the database can be quickly addressed. We store the backup for up to 30 days. Furthermore, fallback versions are available for both backend and front-end servers, so any failures on these can be quickly addressed by rolling back to an earlier version In case of disasters, the operational environment should be up and running again in approximately 30 minutes, unless there is a major outage at any core suppliers.

Backups are subject to the same protection as the original data. Any logging and disclosure of these may be done at the request of the customer,

Juristic tests these backups and the ability to perform disaster recovery once a year.



Business Continuity, Updates and Up-Time



A business continuity procedure has been adopted and requirements for information security and information security continuity in such cases have been defined. These are set out in our Information Security Policy, which is available for customers per request.

A procedure has been adopted for staff and contractor maintenance of information security in accordance with established policies and procedures.

The following general rules for updates have been adopted:

New versions of the application are updated only after 21:00 (CET) in the evening.
Updates to servers and databases are done according to the best practices published by 3DS Outscale: https://docs.outscale.com/en/userguide/Keeping-Your-Operating-Systems-Updated.html
Security updates related to the source code come along with other updates.
Batch runs that may affect the use of the system only happen during the time 00:00 - 05:00 CET.

Updated on: 20/08/2024