Server data protection
Operations logging
All operations performed in the Loymax system go along with mandatory logging — recording of information about operations and their initiators in separate files. Log files do not contain personal user data, passwords, keys and access tokens in open form. At the same time, there is always a possibility to get the required information using logs (for example, who performed a certain action and when), however, access to log files is strictly limited. For example, developers or testers can get excerpts from logs only upon request to the technical support service.
Log files are stored in the Data Storage System with Raid10 backup technology. This solution ensures reliable storage of information resources and guaranteed access to them. At the moment, the log storage includes records for the entire period of the System operation.
Database backup
To prevent damage or loss of data stored in the database, the process of data backup has been arranged. In this respect, not all the data are copied, but only valuable data — information about purchases, users, accounts. Data copying for the entire period of the System operation (full backup) is launched every week, and changes for the previous day (incremental backup) are copied on a daily basis. The backup copies storage time is 2 weeks from the date of creation. After that, outdated files are automatically deleted.
Before updating the System, which includes changes to the databases, a backup copy of all databases is created. Only administrators have access to database backup files.
Recommendations for creating MS SQL database backups:
- Data copying for the entire period of the System operation (Full Database Backups (SQL Server)) — every week;
- Transaction Log Backups (SQL Server) — daily: in the morning (prior to the start of working hours of retail outlets) and in the evening (after the end of working hours of retail outlets).
- If required, it is possible to add Differential Backups (SQL Server) to speed up the backup process and reduce the risk of data loss. The recommended retention time for backup copies is 2 weeks after creation.
Protection against unauthorized access and copying
The System provides the following protection measures against unauthorized access and data copying:
- A separate network segment with limited access is allocated for the servers with data. Access to data is limited by user rights.
- Ongoing audit, logging, and monitoring of data access are carried out.
- Each employee has his/ own accout Каждый сотрудник имеет собственную учетную запись для доступа к офисным ПК. Поэтому доступ посторонних исключен.
- Доступ к АРМ отдельного Партнера имеют только сотрудники из согласованного списка, каждому из них выделяется дополнительная учетная запись.
Periodic data cleaning
Historical data are stored in the database for a specified time, after which they are cleared. The System provides for the following regular cleaning tasks:
- Event calculation;
- Target audience calculation;
- Event data (bonus calculation and deduction, information on purchases, etc.).
Regular clearing tasks for event calculation and target audienc ecalculation are set up in the System by default and perform the clearing on a daily basis. The frequency of regular event data clearing task is configured at setting. The full list of database tables to be cleared by this regular task is presented in the corresponding article.