The following doc is intended to list working practices at PrintJob and as such, will be constantly reviewed and updated.
Where is PrintJob Data stored? Where is my data stored?
PrintJob (PJ) is partnered with cloud hosting company Linode. PrintJob ‘holds’ data on hundreds of companies around the world, on servers in the UK, Texas, Frankfurt & Singapore. All EU clients are on Frankfurt based servers.
All data stored is encrypted and cannot be accessed by anyone for whom it is not intended.
What information are we storing?
For people who log in, the minimum data required is name and email. Commonly though, PrintJob will be storing employee lists, addresses, department IDs, logos, artwork, order data and files such as invoices and stock reports.
Passwords are encrypted. PrintJob does not store any credit card or other payment info.
Access to Data
Access to client data is limited to PrintJob staff. However, since all production and testing work is normally carried out on isolated and separate servers, PrintJob staff will only access client data when providing support, and with the client’s implicit permission. Aside from Linode (who don’t have access), PrintJob doesn’t currently use subcontractors. In the event that PJ did bring in outside staff, their access would also be limited to test servers, and again, any contact with client data is prohibited unless permission is granted.
All data inputted into the software is the responsibility of the Administrators (Admins – you) and easily accessible to them. Admins can suspend, delete, create and modify user information. It is the Administrators’ job to look after this data according to their various legal requirements. No Admin has access to any passwords.
Admins can export all users, addresses, departments, orders, stock info etc. at any time.
The current PrintJob System was launched in 2015 and is in constant development.
Most of our security policies were already in line with the EU’s stringent 2018 privacy and data rules when they were announced. We made some changes to our handling of cookies, and moved our EU server to Frankfurt, but otherwise we were already fully compliant.
How these Standards affect PrintJob
Broadly speaking, the ISO documentation and GDPR describe minimum and best-practice standards and rules on how personal and company data is handled and secured, minimum password requirements, how passwords are stored, how cookies are presented and used, and how all of this is protected from unwanted intrusion.
How PrintJob protects your Data
PrintJob works in partnership with Linode to provide secure and regular backup routines, load balancing, Apache updates, SSL encryption, a firewall, anti-DoS measures, antivirus and malware scanning, rootkit monitoring and other measures across all the PJ servers. We receive regular email alerts from Monit, a process supervision tool, and email alerts listing newly blocked IP addresses (we automatically block IP addresses with multiple failed login attempts, i.e. anti-robot/crawler protection).
Our servers are protected by the following defences:
- fail2ban – against brute force attacks
- iptables – firewall rules only allowing access via the designated access ports
- DDoS protection – protecting against denial of service (DoS) attacks
- Rkhunter/maldet – run 24/7 and scan daily looking for rootkits & malware
- Monit – monitors CPU/RAM usage, disk space, SSH, Apache, Postfix, MySQL, Cron, Syslog and NSD, fixing anything automatically if it can or forcing a restart of components such as Apache, as well as sending out alerts.
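The automatic blocking of addresses with repeated failed logins described above is the maxretry/findtime logic of fail2ban. As an added illustration (not PrintJob’s or fail2ban’s own code), the following Python sketch runs that detection over constructed sshd-style log lines: an address is flagged once it accumulates maxretry failures inside a sliding findtime window. The ISO timestamp format, the sample addresses and the thresholds are assumptions made for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in the style of sshd entries in /var/log/auth.log.
# ISO timestamps are used for simplicity; a real auth.log uses syslog format.
SAMPLE_LOG = """\
2024-03-01T10:00:01 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
2024-03-01T10:00:04 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 50123 ssh2
2024-03-01T10:00:06 sshd[1202]: Failed password for root from 203.0.113.7 port 50124 ssh2
2024-03-01T10:00:09 sshd[1203]: Failed password for root from 203.0.113.7 port 50125 ssh2
2024-03-01T10:00:12 sshd[1204]: Failed password for root from 203.0.113.7 port 50126 ssh2
2024-03-01T10:00:30 sshd[1210]: Accepted publickey for deploy from 198.51.100.20 port 40000 ssh2
2024-03-01T10:05:00 sshd[1220]: Failed password for deploy from 198.51.100.20 port 40001 ssh2
2024-03-01T10:40:00 sshd[1230]: Failed password for deploy from 198.51.100.20 port 40002 ssh2
2024-03-01T11:20:00 sshd[1240]: Failed password for deploy from 198.51.100.20 port 40003 ssh2
2024-03-01T12:00:00 sshd[1250]: Failed password for deploy from 198.51.100.20 port 40004 ssh2
2024-03-01T12:30:00 sshd[1260]: Failed password for deploy from 198.51.100.20 port 40005 ssh2
"""

# Matches only failed-password lines; successful logins and other noise are ignored.
FAILED_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: Failed password for (?:invalid user )?\S+ "
    r"from (?P<ip>[\d.]+) port \d+"
)


def parse_failures(log_text):
    """Yield (timestamp, ip) for every failed-password line in the log text."""
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if m:
            yield datetime.fromisoformat(m.group("ts")), m.group("ip")


def ips_to_ban(log_text, maxretry=5, findtime_seconds=600):
    """Return the set of IPs that reached `maxretry` failures within any
    `findtime_seconds` window (the same two knobs fail2ban exposes)."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still inside the window
    banned = set()
    for ts, ip in sorted(parse_failures(log_text)):
        window = recent[ip]
        window.append(ts)
        # Drop failures older than the window before counting.
        while (ts - window[0]).total_seconds() > findtime_seconds:
            window.popleft()
        if len(window) >= maxretry:
            banned.add(ip)
    return banned


if __name__ == "__main__":
    print("ban:", sorted(ips_to_ban(SAMPLE_LOG)))
```

With the defaults, 203.0.113.7 (five failures in eleven seconds) is flagged while 198.51.100.20 (five failures spread over hours) is not; widening findtime catches the slow attempt too. In a real deployment the flagged set is what fail2ban hands to its iptables action as a DROP rule for the offending address.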
Three backups are constantly maintained (yesterday, a week ago and a month ago), kept on separate, dedicated backup servers, and can be recovered within 2 hours. We test these backups on a monthly basis. Quite often we recover data from backups that clients have deleted by accident.
All connections to all PrintJob servers are encrypted via SSL. Front-end systems are also protected by SSL encryption when you use your own domain names; this is set up automatically when you add a domain name.
Limited Role Based Access
Only a user with a password can access the system, and unless they are an Admin user, they will only see the limited set of data appropriate to the role to which they are assigned.
No PrintJob client (Admin) can see another client, no company client can see another company, no department client can see another department.
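The three-level scoping just described (client, then company, then department, with each role confined to its own slice) is easiest to see as an authorisation check. The following Python is an added example, not PrintJob’s own code; the role names, the field names on the user and record objects, and the sample data are all assumptions made for the illustration.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class User:
    email: str
    role: str                            # assumed role names: "admin", "company", "department"
    client_id: str
    company_id: Optional[str] = None
    department_id: Optional[str] = None


@dataclass(frozen=True)
class Record:
    id: int
    client_id: str
    company_id: str
    department_id: str


def can_view(user: User, record: Record) -> bool:
    """Each role sees only its own scope; anything unrecognised is denied."""
    if user.role == "admin":
        # An Admin sees all of their own client's data, never another client's.
        return record.client_id == user.client_id
    if user.role == "company":
        return (record.client_id == user.client_id
                and record.company_id == user.company_id)
    if user.role == "department":
        return (record.client_id == user.client_id
                and record.company_id == user.company_id
                and record.department_id == user.department_id)
    return False  # deny by default for unknown roles


def visible_records(user: User, records: List[Record]) -> List[Record]:
    """Filter a result set down to what this user is allowed to see."""
    return [r for r in records if can_view(user, r)]


# Constructed sample data: one client with two companies, plus a second client.
SAMPLE_RECORDS = [
    Record(1, "client-1", "company-a", "sales"),
    Record(2, "client-1", "company-a", "ops"),
    Record(3, "client-1", "company-b", "sales"),
    Record(4, "client-2", "company-x", "sales"),
]
ADMIN_C1 = User("admin@client1.example", "admin", client_id="client-1")
COMPANY_A = User("manager@client1.example", "company",
                 client_id="client-1", company_id="company-a")
DEPT_SALES_A = User("staff@client1.example", "department",
                    client_id="client-1", company_id="company-a", department_id="sales")


if __name__ == "__main__":
    for u in (ADMIN_C1, COMPANY_A, DEPT_SALES_A):
        print(u.role, [r.id for r in visible_records(u, SAMPLE_RECORDS)])
```

The filter is applied on every query rather than only in the UI, so a user who guesses another department’s record id still gets nothing back.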
PrintJob does not use usernames and does not encourage anyone to share logins. Using email addresses as the primary identifier discourages the practice of sharing logins and is more secure, because you cannot access or change any data on the system, including your own, without first verifying your email address. PJ does not encourage people to share any information at all.
Anyone with malicious intent could break into the PJ System, but to do so, they would first have to break into your email. If such a person did break into the customer-facing system, the data they would be able to access would be limited. If an Admin’s email was hijacked, it would be more serious: the intruder could steal or delete data (meaning a potential recovery from backup).
To prevent this, we would recommend further security measures, such as screen locks, but otherwise this is outside the scope of this doc.
Single Sign On
PJ does offer SSO as a feature, which would enable you to link the PJ System with another system, allowing people to use login credentials from other systems to gain access to the PJ System. However, anyone gaining access in this way is prevented from seeing other users’ data. It is very secure.
All passwords are encrypted and not visible to anyone at PrintJob. No PJ staff can discover any client passwords. This is by design. If any client actually wanted PrintJob to tell them their password, we could not do it as they are all encrypted.
Passwords are minimum 8 characters with no further rules.
If someone forgets their password, they must go through the password reset process, which involves triggering an email that is sent to the user. The link in the email allows the user to reset their password. No-one can ever ‘look up’ their own or someone else’s password or change it for them.
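The two properties stated above (nobody, staff included, can recover a stored password, and a reset happens only through an emailed link) follow from how the values are stored. The Python below is an added example of one standard way to get those properties, not PrintJob’s own implementation: passwords are kept as a salted one-way hash (PBKDF2 here; the page only says ‘encrypted’, so the algorithm and work factor are assumptions), and reset tokens are stored only as a hash of the random token, with an expiry and single use. The 8-character minimum is the page’s current rule.

```python
import hashlib
import hmac
import os
import secrets
import time

MIN_PASSWORD_LENGTH = 8      # the page's current rule: at least 8 characters, no further rules
PBKDF2_ITERATIONS = 200_000  # assumed work factor; raise as hardware allows


def password_meets_policy(password: str) -> bool:
    return len(password) >= MIN_PASSWORD_LENGTH


def hash_password(password: str) -> str:
    """Derive a salted one-way hash. The stored string cannot be turned back
    into the password, which is what makes 'we cannot tell you your password' true."""
    if not password_meets_policy(password):
        raise ValueError(f"password must be at least {MIN_PASSWORD_LENGTH} characters")
    salt = os.urandom(16)  # fresh per password, so equal passwords hash differently
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    _algo, iterations, salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


class ResetTokens:
    """Single-use, time-limited reset tokens. Only sha256(token) is kept server-side,
    so even someone reading the table cannot reconstruct the link that was emailed."""

    def __init__(self, ttl_seconds: int = 1800):
        self.ttl = ttl_seconds
        self._pending = {}  # sha256(token) -> (email, expiry as unix seconds)

    def issue(self, email: str, now: float = None) -> str:
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # this goes into the emailed link
        key = hashlib.sha256(token.encode("ascii")).hexdigest()
        self._pending[key] = (email, now + self.ttl)
        return token

    def redeem(self, token: str, now: float = None):
        """Return the email the token was issued for, or None if it is unknown,
        expired, or has already been used."""
        now = time.time() if now is None else now
        key = hashlib.sha256(token.encode("ascii")).hexdigest()
        entry = self._pending.pop(key, None)  # pop: a token only ever works once
        if entry is None:
            return None
        email, expiry = entry
        return email if now <= expiry else None


if __name__ == "__main__":
    stored = hash_password("correct horse battery")
    print(stored)
    print(verify_password("correct horse battery", stored))
```

Note that the reset flow never needs the old password at all: the emailed token proves control of the mailbox, after which the new password is simply hashed and stored in place of the old one.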
How do we delete users or data?
Admins can suspend users and companies, preventing them from logging in and accessing any data. Admins can delete users, but not companies (since deleting a company can remove large amounts of information); they can request that PrintJob staff delete them.
PrintJob Systems have not formally been reviewed or tested by ISO or any EU body, but PJ would welcome any questions, interrogations and stress testing reviews conducted by any independent organisation, including defence contractors or government agencies. Such tests are becoming increasingly routine and don’t cost a lot to commission. They provide peace of mind, as well as advice to all parties, in keeping data and systems secure.
Since 2015 PrintJob has never been found to have any serious omissions or flaws in its security policy. PJ has always acted on advice given as a consequence of these tests. The weakest link in any security system is personnel – people sharing or writing down their passwords. That’s something PJ can’t prevent.
Future Development on Security
There is always pressure to increase security.
PJ is currently debating whether to increase the password requirement so that they include one uppercase letter, one special character and alphanumeric characters. However, we’re very keen not to impact usability and we are aware of the fact that we aren’t a bank.
We could also allow Google or Microsoft logins.
Are you a target? Threats?
One small point. If you or any of your clients have any reason to suspect that your data will be targeted by hackers or agencies, please inform PJ – we may take the precaution to move your systems to dedicated and ‘independent’ servers.
Does PrintJob vet its staff?
Yes. Everyone who works at PrintJob is properly checked, to ensure that they do not themselves pose a threat to data security.
How does anyone get Support?
PrintJob Clients (Admins) can communicate directly with PrintJob Support via an in-app communication tool. Help articles are also found on https://printjob.com/support/
Who can see my Support Queries?
Only PrintJob staff.
What happens when the Systems go down?
Our Terms and Conditions page explains this. Downtime does happen, but when it occurs in UK office hours, it has never lasted longer than 3 or 4 hours but is more often less than 20 mins. Worst case scenario (in the event that the data is unrecoverable) PJ can restore from backups within an hour or so.
Cloud Server Specs
4 core CPUs, 8GB of RAM, 1000GB of RAID storage and 5000GB of monthly bandwidth on all servers. Further upgrades are possible.
We’re waiting to hear what impact Brexit will have on UK businesses and the EU. Aside from our programmers, we don’t maintain any presence in the UK. We’re based in France and Germany. We do have potential plans to move our company to the Republic of Ireland if Brexit causes any issues.