Architecture and data storage

This review covers the security settings in the super administrator's administrative panel, which CleverLMS technical support configures individually for each client company at its request.

  • The platform allows a user to be logged in to an account from only one device at a time: if the user logs in from a second device, the session on the first device is terminated. This eliminates the possibility of cheating during training and keeps the account secure when the user needs to log in from different devices.

  • CleverLMS implements logging, that is, the recording of various kinds of events and actions. Infrastructure events (databases, services, etc.) are logged with the ELK stack (Elasticsearch, Logstash, Kibana), which collects all logs in one place, stores them centrally, and lets DevOps and QA engineers view them to understand what is happening when the system behaves abnormally. The second part of logging covers the actions of administrators: it is possible to view the actions that lead to the creation, modification or deletion of data.

  • Monitoring is a technology that collects telemetry from the different components of the infrastructure and from the system itself in real time, to show what is happening to the system. This is how problems are identified proactively, before they begin to affect the performance of the system, or at least before users begin to report malfunctions. For this purpose we use Prometheus and Grafana.

  • Fault tolerance and scalability of the system. Fault tolerance means that if some component of the system fails, we can launch new copies of it, which ensures a high level of availability for users. The Kubernetes orchestration system is used to ensure fault tolerance. Scalability is the ability of the system to withstand an increased load (and keep the user experience comfortable) by adding resources to the system without interrupting its operation; Kubernetes is responsible for this as well.

  • We regularly audit the system against the requirements of OWASP (Web Application Security Standard). In practice, special software tools scan our system to identify various kinds of vulnerabilities, and we eliminate the vulnerabilities that are found. A re-check is then carried out, which confirms that all vulnerabilities are closed. If a client wants to conduct an instrumental audit of our system to verify its compliance with these requirements, we provide all the data for this, as we are absolutely confident in our product.

  • The next set of technologies that we use to ensure the stability of the system is backup and restore. Depending on how the system is deployed for a client, we can perform backups in different ways. When we deploy inside the customer's internal perimeter, we set up, as a rule, backups to a backup system provided by the customer.

  • The infrastructure components of our system run in Docker containers. These containers are launched from images, which prevents extraneous software and/or malware from getting into the components of our system. That is, every new container launch starts from a clean image of that container, which keeps our infrastructure clean.

  • Root privileges are not used to run our infrastructure services, which means that even if attackers manage to compromise some part of our infrastructure, they will not be able to take over the infrastructure as a whole.

  • From the point of view of the reliability of the technologies that we use (and there are no absolutely reliable technologies), we use only open source components in our infrastructure that are production-ready.
There is a maturity classification for infrastructure technologies, and its highest level is production-ready, that is, technology ready for productive operation.
We do not use cutting-edge but potentially unstable technologies that can create additional problems because of undetected and unfixed shortcomings.

  • We are implementing a secure software development process called CI/CD (Continuous Integration / Continuous Delivery), which implements a long development flow covering development and testing as well as the deployment and updating of our code. Developers cannot edit anything in production: all the code that they write and refine is checked by QA to make sure it has no bugs, or as few as possible, and a separate DevOps team handles the deployment of software and infrastructure. At each stage of this process, all employees use personal accounts whose permissions are limited to what the employee needs to perform his official duties.

  • Our system does not store user passwords in plain text, so there is no way to open the database and see what password a particular user has. To achieve this, we use password hashing and salting, a technology that makes the conversion of a password irreversible when it is stored in the database.

  • Our system has an integration API that complies with the OpenAPI standard. On the one hand, it is open (we publish documentation on our integration API so that clients can develop integration mechanisms independently); on the other hand, it is secure, because clients are issued special tokens to access the integration API, and these tokens protect access to it. Thus, an attacker will not be able to use our integration API, because he does not own the corresponding token. The token is transferred only to authorized employees of the Customer.

We understand that IT and information security is not a mere formality for our customers but one of their most important requirements for us as a cloud service provider, and every day we put a lot of effort into ensuring the highest level of security and fault tolerance of our platform.
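
The following is an added example, not CleverLMS code. It illustrates in Python two of the account mechanisms described above: salted password hashing and the rule that a login from a second device ends the session on the first. The AccountStore class, its method names, the choice of PBKDF2 with this iteration count and the sample credentials are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

PBKDF2_ITERATIONS = 600_000  # assumed work factor, not a CleverLMS setting


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


class AccountStore:
    """Hypothetical in-memory stand-in for the user and session tables."""

    def __init__(self):
        self.users = {}     # username -> (salt, password hash); no plaintext
        self.sessions = {}  # username -> SHA-256 of the single active token

    def register(self, username, password):
        salt = secrets.token_bytes(16)  # fresh random salt for every account
        self.users[username] = (salt, hash_password(password, salt))

    def login(self, username, password):
        """Return a new session token, or None if the credentials are wrong."""
        record = self.users.get(username)
        # Hash for unknown users too, so both failure paths do the same work.
        salt, expected = record or (bytes(16), bytes(32))
        candidate = hash_password(password, salt)
        if record is None or not hmac.compare_digest(candidate, expected):
            return None
        token = secrets.token_urlsafe(32)
        # Overwriting the entry ends the session opened on the previous device.
        self.sessions[username] = hashlib.sha256(token.encode()).digest()
        return token

    def is_active(self, username, token):
        current = self.sessions.get(username)
        presented = hashlib.sha256(token.encode()).digest()
        return current is not None and hmac.compare_digest(current, presented)


if __name__ == "__main__":
    store = AccountStore()
    store.register("alice", "correct horse")        # constructed sample credentials
    first = store.login("alice", "correct horse")   # device 1
    second = store.login("alice", "correct horse")  # device 2
    print(store.is_active("alice", first), store.is_active("alice", second))
```

Because each account gets its own salt, two users with the same password end up with different stored hashes, and because only a hash of the session token is kept, a read of the session table does not yield a usable token.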