Client Responsibilities

Last Updated: Tuesday, 01 January 2017 02:43AM v091bh12

REOL Services is committed to minimizing the risks of building and maintaining online services and has invested in robust systems and processes to protect our clients, but ultimately security in Online (Cloud) environment is a shared responsibility.

• Clients must insure safe-harbor environment, especially when requesting temporary access to production clusters
• Clients may not re-use pass-phrases/passwords or request outright passphrase removal
• Clients must safe-guard application state credentials:
  • DB user/password combination (application level)
  • API tokens or third-party libraries with external data-binding
• Clients can not run or operate outdated and vulnerable software or system components
• Clients must immediately disclose all information regarding "pre-existing" application conditions
• Clients must safeguard their personal data, (we will never ask you for any identifiable confirmation) and appropriate amount of training should be invested in phishing mitigation