Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Technical documentation on LimeSurvey (encryption, logging, firewall)

1 year 7 months ago #218490 by yulia_kamaeva
Hello community,

we are using the LimeSurvey Community Edition installed on the local server. Now I'm looking for the technical documentation on LimeSurvey covering some of the following topics.
Could anyone share such docs/info if you have ones?

1. Encryption - describe how data is being encrypted (AES 256, BitLocker, etc.) and data in transit (I.E. TLS 1.2). Additionally, annotate encryption management, storage, and key rotation strategies using technologies like Thales, Azure Key Vault Premium, Google KMS, etc.

2. Logging / Monitoring / Alerting - describe the logging and monitoring implementation that will be used with this application/solution. This includes capturing key events associated with access, authentication, and configuration changes. Specifically include Log Retention Period for each type of log.

3. Firewalls & Network/Application Segmentation - provide a high level summary of all firewalls rules, Web Application Protection (WAP) services, container segmentation policies, API Application Gateways, VPN or other Edge protection configurations that are in place to protect the solution. NOTE: Web Application Protection (WAP) services should protect all external interfaces. NOTE: PaaS Services should use Private Endpoints - if applicable to the application.

Best regards,
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose