- Deployment Overview
- In which country is my data stored on the farmerswife cloud?
- Is the data encrypted at rest?
- Is the data encrypted in transit?
- Are all user actions in the system recorded?
- Are there any protections in place for DDoS attacks
- Does the program capture/save data about exceptions etc. to the log?
- Does your solution or company transfer any personal data to a country outside EU/EEU?
- How are backups of the system implemented?
- Do you have monitoring of the application and the service?
- Does the application store any data classified as “personally identifiable” by GDPR, or International data privacy legislation?
- What credentials are required to authenticate a user? How are those credentials generated and managed?
- Does the application support the enforcement of minimum password length and complexity requirements?
- Do you provide remote access to production application systems (for support staff, etc)?
- Do you have an API we can use to connect to our own systems?
farmerswife is a Server > Client application. The application a TCP protocol.
Our cloud service is a hosted instance of the farmerswife server including backup, monitoring, and regular update services.
The farmerswife client runs natively on PC and macs, and will be set up to connect to your hosted farmerswife server. Linux client support is also available.
The farmerswife web client runs on any web browser and connects over https to your hosted farmerswife service.
For iOS devices, the iOS app is distributed from the App Store and would be configured to point to your own farmerswife server instance. For other mobile browser we have a mobile web application.
See the following links for further information on deployment and communication
- farmerswife Architecture and Data Flow
In which country is my data stored on the farmerswife cloud?
farmerswife cloud is deployed across multiple regions to beclose to the client location and reduce latency between the clients and the servers.
- In Europe we have cloud services hosted in Hertzner in Germany and Amazon AWS in Ireland and UK, and local regions. We store encrypted backups to AWS S3 (Ireland), B2 (Amsterdam) and HQ’s FWVault (Palma, Spain).
- In the US we host with Leaseweb and AWS
- In other regions we use a Leaseweb or AWS as first choice, or local provider if any of the above is not available in the region.
Is the data encrypted at rest?
Is the data encrypted in transit?
In a managed clouded service, communications are all encrypted.
If a customer hosts, then the Web Client and Mobile Web Client are not automatically encrypted. We can help with options to secure web traffic using a reverse proxy solution. Documented Using NGINX as a third party proxy service to apply your SSL certificates
Are all user actions in the system recorded?
We can generate a report of user activity per day
On the server we log activities in access and system logs.
Are there any protections in place for DDoS attacks
Our cloud hosted systems are all deployed behind a nginx proxy which has a configured WAF (Web Application Firewall) module to protect from Distributed Denial of Service attacks by inspecting the traffic and blocking suspicious activity at this entry point
Does the program capture/save data about exceptions etc. to the log?
If the error situation/scenario allows either the fw Server app or fw Client app to still capture “stack trace” or “exceptions” data of an error.
This will either get stored within the fw Server’ apps “log.txt” or within the fw Client’s “error.txt” files.
Does your solution or company transfer any personal data to a country outside EU/EEU?
No, not for clients hosted in the EU
How are backups of the system implemented?
We use a combination of application level backups and system level backups.
The farmerswife server is configured to create snapshot backups at regular intervals. The back up location and frequency are defined in the server application. By default is set to occur every 15 minutes.
We also implement a system level backups using a third party backup solution. This is a complete "mirror" copy of the farmerswife Server's root installation directory/package and the latest snapshots.
This backup is transferred off the server to an encrypted location, to allow for recovery in the case of server failure.
Do you have monitoring of the application and the service?
We use a tool called zabbix to monitor both the server and the application.
We monitor capacity and performance of the server hosting infrastructure.
The application health checks confirm that your farmerswife server/service is available and that logins are working.
These monitoring tools alert our support team in the case of failure or alarm, where they can take steps to recover the service and inform you of any issues.
Does the application store any data classified as “personally identifiable” by GDPR, or International data privacy legislation?
Staff requiring access to farmerswife would have login information stored (username + password).
No other personally identifiable data is required
What credentials are required to authenticate a user? How are those credentials generated and managed?
User and password created within the farmerswife application. Passwords are stored hashed and salted on the farmerswife database.
Management of user credentials is possible based on role based access within the applications, and is limited by the licensed user types.
Does the application support the enforcement of minimum password length and complexity requirements?
Yes, within the server setup page and from the desktop app you can enforce and configure the password policies, such as password age, complexity, and lockout policy.
Do you provide remote access to production application systems (for support staff, etc)?
Support staff who have access to the system for administration are restricted by IP.
We only allow access to the access ports from our office IP, or from VPN. Each user has they own unique user and password, and we have a centralised password management tool.
Do you have an API we can use to connect to our own systems?
We have a REST API which is a licensed feature, but free of charge. Information about the currently available endpoints can be found here The farmerswife Server's REST API