Security of the infrastructure


Accounts

  • Never give personnel more access than strictly necessary to do their work.

  • Whenever possible, use automatic termination of accounts after a specific date or period.
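As an added example (not NODA's own tooling), the following script audits a list of Unix accounts against the two rules above: it reads lines in /etc/shadow format and reports login-capable accounts that have no expiry date set, or whose expiry date has already passed. The sample lines are constructed for the example; the hashes are placeholders.

```python
"""Audit accounts for the 'automatic termination' rule (added example, not NODA's code).

Input is text in /etc/shadow format:
name:hash:lastchg:min:max:warn:inactive:expire:flag
The 'expire' field is a day count since 1970-01-01; an empty field means
the account never expires. Locked accounts ('*' or '!' hash) are ignored.
"""
from datetime import date, timedelta

# Constructed sample, not real accounts; hashes are placeholders.
SAMPLE_SHADOW = """\
root:*:19700:0:99999:7:::
contractor:$6$placeholderhash:19700:0:99999:7::19800:
devops:$6$placeholderhash:19700:0:99999:7::20500:
intern:$6$placeholderhash:19700:0:99999:7:::
nobody:!:19700:0:99999:7:::
"""

EPOCH = date(1970, 1, 1)
LOCKED_PREFIXES = ("*", "!")


def parse_shadow(text):
    """Return {name: {"locked": bool, "expires": date | None}}."""
    accounts = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 9:
            continue  # malformed line; skip rather than guess
        name, pw_hash, expire = fields[0], fields[1], fields[7]
        accounts[name] = {
            "locked": pw_hash == "" or pw_hash.startswith(LOCKED_PREFIXES),
            "expires": EPOCH + timedelta(days=int(expire)) if expire else None,
        }
    return accounts


def audit_expiry(text, today_iso):
    """Return (no_expiry, expired): sorted names of login-capable accounts
    that violate the rule as of the ISO date given (e.g. "2025-01-01")."""
    today = date.fromisoformat(today_iso)
    no_expiry, expired = [], []
    for name, info in parse_shadow(text).items():
        if info["locked"]:
            continue
        if info["expires"] is None:
            no_expiry.append(name)
        elif info["expires"] < today:
            expired.append(name)
    return sorted(no_expiry), sorted(expired)


if __name__ == "__main__":
    missing, stale = audit_expiry(SAMPLE_SHADOW, "2025-01-01")
    print("accounts with no expiry date:", missing)
    print("accounts past their expiry date:", stale)
```

Run it against a copy of the real file (`sudo cat /etc/shadow`) and feed the output to `audit_expiry`; an account in the "expired" list still exists and should be removed, while one in the "no expiry" list needs an end date set with `chage -E`.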

Installation site

  • Hardware such as a Modbus gateway should be installed behind at least a locked door.

  • Missing hardware must be reported, and its certificates revoked, as soon as possible.

  • Equipment must be password protected with a unique random password.

  • Equipment must connect over an encrypted channel.

  • Equipment must never expose itself on the public internet.

  • Equipment must continuously be updated with security patches.

Office

  • Employees at NODA are required to use Bitwarden for password management.

  • TOTP is enforced whenever possible. For the most important objects, U2F security keys (from Yubico) are used.

  • Employees' workstations/laptops are full-disk encrypted.

  • Employees' workstations/laptops must be updated with new security patches at a regular interval.

  • WiFi passwords to the office network are never shared with visitors or friends.

Servers

  • Software that exposes an interface to another system must always require authentication, even if that interface is only reachable from a "secure" environment.

  • Access to the server system is only allowed through an SSH bastion using certificate authentication. Only the DevOps team has access to this gateway.

  • One must never expose the Kubernetes API to the internet outside a maintenance window. During these windows, only a handful of selected IP addresses are allowed to communicate with the API endpoint.

  • Machines, containers and software packages must be tracked for available security patches.
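The bastion rule above can be checked mechanically. The following added example (not NODA's own tooling) lints an OpenSSH `sshd_config` for the settings a certificate-only bastion would need: password and keyboard-interactive logins off, root login off, a `TrustedUserCAKeys` CA, an `AuthorizedPrincipalsFile`, and an `AllowGroups` restriction. The exact set of required directives, the group name `devops`, and the file paths in the sample configs are this example's assumptions.

```python
"""Lint an sshd_config for certificate-only bastion access (added example, not NODA's code).

OpenSSH keywords are case-insensitive and, for sshd_config, the first value
found for a keyword wins; conditional 'Match' blocks are not evaluated here.
"""

# Values this example requires (assumptions about a sensible bastion config).
REQUIRED = {
    "passwordauthentication": "no",
    "kbdinteractiveauthentication": "no",
    "permitrootlogin": "no",
    "pubkeyauthentication": "yes",
}
# Directives that must be present with a non-empty value.
MUST_BE_PRESENT = ("trustedusercakeys", "authorizedprincipalsfile", "allowgroups")


def parse_sshd_config(text):
    """Return {keyword_lower: first_value} for the global section of the config."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            break  # everything after the first Match block is conditional
        settings.setdefault(key, value)  # first occurrence wins, as in sshd
    return settings


def lint_bastion(text):
    """Return a sorted list of findings; an empty list means the config passes."""
    s = parse_sshd_config(text)
    findings = []
    for key, want in REQUIRED.items():
        got = s.get(key)
        if got is None:
            findings.append(f"{key} not set explicitly (want {want})")
        elif got.lower() != want:
            findings.append(f"{key} is {got!r}, want {want!r}")
    for key in MUST_BE_PRESENT:
        if not s.get(key):
            findings.append(f"{key} missing")
    return sorted(findings)


# Constructed sample: a default-ish config that accepts passwords and root logins.
WEAK_CONFIG = """
Port 22
PasswordAuthentication yes
PermitRootLogin yes
PubkeyAuthentication yes
"""

# Constructed sample: the same host locked down to CA-signed certificates only.
HARDENED_CONFIG = """
Port 22
PasswordAuthentication no
KbdInteractiveAuthentication no
PermitRootLogin no
PubkeyAuthentication yes
TrustedUserCAKeys /etc/ssh/user_ca.pub            # path is an assumption
AuthorizedPrincipalsFile /etc/ssh/principals/%u   # path is an assumption
AllowGroups devops                                # group name is an assumption
AuthorizedKeysFile none                           # plain keys are not accepted at all
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, "->", lint_bastion(cfg) or "OK")
```

Point it at the bastion's real file (`lint_bastion(open("/etc/ssh/sshd_config").read())`) from a configuration test so that a regression toward password logins or a removed `AllowGroups` line fails the pipeline before it is deployed.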

Code

  • Code in repositories is continuously scanned for new security vulnerabilities.

  • Whenever an issue is found, the code is patched, verified and deployed within the next available maintenance window.

  • Employees are only given access to a project they are working on.

  • Code is written with security in mind.

    • As few dependencies on external systems as possible.

    • Cryptography shall ONLY ever be handled by well-known libraries. Never implement a crypto solution yourself.

    • Having test cases for most of the code is key to having a stable code base.
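As an added example of the "use known libraries" rule (not NODA's own code), the following block signs and verifies a message with HMAC-SHA256 from Python's standard `hmac` and `hashlib` modules, and draws the key from `secrets`. A hand-written `==` comparison is included only to contrast it with `hmac.compare_digest`; the `naive_verify` function is the pattern to avoid, not one to copy.

```python
"""HMAC signing and verification with standard-library primitives (added example, not NODA's code)."""
import hashlib
import hmac
import secrets


def new_key() -> bytes:
    """256-bit key from the OS CSPRNG; never derive keys from random.random() or timestamps."""
    return secrets.token_bytes(32)


def sign(key: bytes, message: bytes) -> str:
    """Return the hex HMAC-SHA256 tag of message under key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def naive_verify(key: bytes, message: bytes, tag: str) -> bool:
    # Anti-pattern: string '==' returns as soon as a byte differs, so the time it
    # takes depends on how many leading characters of the tag were correct.
    return sign(key, message) == tag


def verify(key: bytes, message: bytes, tag: str) -> bool:
    # compare_digest runs in time independent of where the inputs differ.
    return hmac.compare_digest(sign(key, message), tag)


if __name__ == "__main__":
    key = new_key()
    msg = b'{"device": "gateway-01", "action": "reboot"}'  # constructed sample message
    tag = sign(key, msg)
    print("valid tag accepted:", verify(key, msg, tag))
    print("tampered message rejected:", verify(key, msg.replace(b"reboot", b"reset"), tag))
```

Both verifiers return the same answers; the difference is only in what their running time reveals, which is exactly the kind of detail a home-grown implementation gets wrong and a maintained library gets right.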