OFN Data Protection

Hi All,

I have gotten a query about cybersecurity and OFN, so please indulge me in a few questions:

Since OFN is managed through GitHub I am guessing that it falls under GitHub cybersecurity measures. Would this be correct?

Is OFN a GitHub Enterprise or a regular account holder?

Does OFN also have its own cybersecurity measures? If so, what kind?

Are OFN user accounts virtual or stored on servers?

There may be more questions forthcoming, thank you for your responses!

Molly
Country Markets OFN

Hi Molly,

Github is merely the repository for the code. There is no personal data or enterprise data stored on Github. OFN is a regular github user and our code is open source.

OFN stores no bank account or credit card detail of any customer or producer. This is currently held solely by proprietary payment gateway software (like Paypal and soon Stripe).

All access to servers is encrypted, regarding web traffic we use today HTTPS. No use of unencrypted FTP or SMTP services. Data exchange between the client and the server are fully encrypted in TLS to protect users data confidentiality.

Regarding system admin access, you need to use SSH keys (asymetric key RSA4096 (or ECDSA) AES256-CBC) and authentication (login) with a password is disabled. An additional protection by a symmetric key AES256 is not required.

The data of the website (database like customer infos, products, etc. + files like images, etc.) is backed-up daily on an external server with a one month retention to ensure we can restore almost 100% of site data in case of emergency.

You can find a full overview of OFN security measures here:

Thank you for your quick response and for directing me in the direction of an extensive answer to my questions!

1 Like