Important Considerations

Security Best Practices

To ensure the security and integrity of your application, follow these best practices for managing access, protecting data, and monitoring potential threats:

  1. Regular Password Rotation

     - Enforce policies for users and administrators to change their passwords at regular intervals.
     - Implement strong password requirements (minimum length, complexity) and avoid password reuse.

  2. SSL Certificate Maintenance

     - Regularly update and renew SSL/TLS certificates before they expire to ensure continuous encryption of data in transit.
     - Use only certificates from trusted certificate authorities (CAs).
     - Periodically review and update the cipher suites in use to maintain compatibility with current security standards.

  3. Access Control Review

     - Regularly review user roles and permissions to ensure that users have the minimum level of access required for their role.
     - Deactivate or remove access for users who no longer need it, such as former employees or users whose roles have changed.

  4. Monitor Failed Authentication Attempts

     - Set up monitoring and alerts for failed login attempts to detect potential brute-force attacks or unauthorized access attempts.
     - Log details of each failed attempt, including the timestamp, IP address, and username, as tracked by Keycloak. Regularly review these logs to identify patterns or suspicious activity.
     - Implement account lockout mechanisms that temporarily disable accounts after a predefined number of failed attempts, reducing the risk of automated attacks. InspectChat supports this by limiting each user to a maximum of 5 login attempts per minute, which curbs excessive failed login attempts.

By following these security best practices, you can help protect your application and data, reduce vulnerabilities, and detect issues early before they become significant risks.
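As an added example (not part of the InspectChat documentation or product), the script below applies the failed-authentication monitoring item above: it parses constructed log lines laid out like Keycloak's event logger (the timestamp prefix and field names are an assumption, not a capture from a real deployment) and raises one alert per burst when a username or a source IP exceeds the 5-failures-per-minute threshold the page describes, so both a single-account brute force and a multi-account spray from one address are caught.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the style of Keycloak's event logger (assumed layout,
# not captured from a real deployment): a timestamp followed by the event fields.
SAMPLE_LOG = """\
2024-05-01T10:00:01 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=203.0.113.7, error=invalid_user_credentials, username=alice
2024-05-01T10:00:05 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=203.0.113.7, error=invalid_user_credentials, username=alice
2024-05-01T10:00:12 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=203.0.113.7, error=invalid_user_credentials, username=alice
2024-05-01T10:00:20 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=203.0.113.7, error=invalid_user_credentials, username=alice
2024-05-01T10:00:28 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=203.0.113.7, error=invalid_user_credentials, username=alice
2024-05-01T10:00:35 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=203.0.113.7, error=invalid_user_credentials, username=alice
2024-05-01T10:00:40 type=LOGIN, realmId=inspectchat, ipAddress=198.51.100.20, username=bob
2024-05-01T10:03:00 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=198.51.100.20, error=invalid_user_credentials, username=bob
2024-05-01T10:05:00 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=198.51.100.9, error=user_not_found, username=carol
2024-05-01T10:05:07 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=198.51.100.9, error=user_not_found, username=dave
2024-05-01T10:05:14 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=198.51.100.9, error=user_not_found, username=erin
2024-05-01T10:05:21 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=198.51.100.9, error=user_not_found, username=frank
2024-05-01T10:05:30 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=198.51.100.9, error=user_not_found, username=grace
2024-05-01T10:05:41 type=LOGIN_ERROR, realmId=inspectchat, ipAddress=198.51.100.9, error=user_not_found, username=heidi
"""

def parse_failed_logins(text):
    # Keep only LOGIN_ERROR events; fields are matched by name so their order does not matter.
    events = []
    for line in text.splitlines():
        if "type=LOGIN_ERROR" not in line:
            continue
        ip = re.search(r"ipAddress=([^,\s]+)", line)
        user = re.search(r"username=([^,\s]+)", line)
        if ip and user:
            events.append((datetime.fromisoformat(line.split(" ", 1)[0]), ip[1], user[1]))
    return events

def find_bursts(events, limit=5, window=timedelta(minutes=1)):
    # Sliding window per username and per source IP; an alert fires once per burst when
    # more than `limit` failures land inside `window` (the page's 5-per-minute threshold).
    recent, tripped, alerts = defaultdict(deque), set(), []
    for ts, ip, user in sorted(events):
        for key in (("ip", ip), ("user", user)):
            q = recent[key]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()
            if len(q) > limit and key not in tripped:
                tripped.add(key)
                alerts.append((key[0], key[1], ts.isoformat(), len(q)))
            elif len(q) <= limit:
                tripped.discard(key)
    return alerts
```

Running `find_bursts(parse_failed_logins(SAMPLE_LOG))` on the constructed sample yields three alerts: the IP and the account behind the single-user brute force, and the IP behind the username spray (each user there saw only one failure, so no per-user alert).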

Data Backup and Recovery

Regular backup schedule:

# MongoDB backup (the dump is written to /backup inside the mongo container;
# copy it out with `docker cp` or mount /backup from the host so it survives the container)
docker-compose exec mongo mongodump --out /backup

# Vector DB backup (-T disables pseudo-TTY allocation so the redirected dump
# is not corrupted by terminal control sequences)
docker-compose exec -T vectordb pg_dump -U myuser mydatabase > backup.sql

MongoDB

Stores critical operational data including audit logs, user interactions, chat messages, and transaction records for InspectChat services. Regular backups are essential to maintain service continuity and comply with audit requirements.

Vector DB

Houses embeddings of SharePoint documents when integration is enabled. Backing up this database is crucial to preserve document search capabilities and maintain the AI's context-aware responses.

PostgreSQL

Contains Keycloak authentication and user management data, including user credentials, roles, and access policies. Regular backups ensure identity management system recovery and maintain secure access control.