How RBCommons stays secure
Your source code is important, and we intend to keep it safe. We employ a number of security measures and recommendations to prevent any unwanted access to your review requests.
Our security model
- We host everything securely within Amazon's AWS cloud. All servers are isolated from each other using per-server and per-network firewalls.
- Only the founders of Beanbag have access to the AWS account. We require very strong passwords, two-factor authentication, and periodically rotated credentials.
- Only the founders have any access to our servers. Access is only available from undisclosed, trusted locations, and requires secure hardware encryption keys combined with passwords. We make use of hardware keys for SSH, and require two-factor authentication and very strong passwords.
- All communication between our servers and databases is encrypted, and takes place only within Amazon's cloud. There's no place for someone to snoop in the middle, and no direct access to critical servers from the Internet.
- Our websites make use of SSL, and we regularly run SSL tests on our servers to see where we might strengthen settings.
- Our servers are always kept updated with the latest security fixes.
- All servers, HTTPS requests, and AWS activity are logged and regularly monitored. We're notified of any suspicious activity, errors, or remote access attempts.
- We have thorough, up-to-date test suites in our software covering access controls. They test every possibility we can throw at them. Additional tools check our test suite for missing access tests.
How we access your code
- Repositories hosted on services such as GitHub or Bitbucket are accessed through their APIs, which are protected by SSL. We authenticate to most APIs using a token generated when you first link your repositories. This token is encrypted.
- Some repository types or hosting services only offer password-based authentication. For these, we do have to store the password, which is encrypted and not accessible outside the servers.
- For most self-hosted repositories, RBCommons can make use of dedicated SSH keys. Teams will automatically have a public/private SSH key generated for them, which you can use to grant access to your repositories. The private SSH keys are encrypted and stored securely in our servers, with no outside access.
- If your repository isn't already accessible via the Internet, you may have concerns about making it public. One option to keep things safe is to limit public access to your repository to our IP addresses. That way, only we can reach it. (Note that the IP addresses are subject to change -- the latest will always be available at that link.)
How we store your data
- Uploaded diffs are stored in our database.
- Uploaded file attachments are stored in Amazon's S3 service under a hashed, unguessable name.
- Computed data (such as side-by-side diffs, files fetched from the database, and patched files) are stored in an internal memory cache for fast access. This is stored securely and cannot be accessed remotely. Periodically, this data is wiped from the cache, and the cache is occasionally cleared.
- We collect as little personal user data (username, full name, e-mail address) as possible. This data is always available to you. The full name and e-mail address can be changed at any time. See our Privacy Policy for more information.
How to keep your account secure
Keeping your account secure is very important. We do what we can to keep our servers secure, but if your account is not secure, your team's data is at risk.
There are three things we recommend for securing your account.
1. Choose a secure, unique password
We strongly recommend you use a unique, secure password protected by a password manager (such as 1Password or LastPass). By using a strong password unique to RBCommons, you'll keep your account from being compromised in the event of password leaks on other services. By using a password manager, you won't have to remember the password, and you can log in on any supported device.
2. Use two-factor authentication
Two-factor authentication helps keep your account safe and secure from hackers by requiring a second device (mobile phone or tablet) when logging in to RBCommons. If enabled (My Account -> Authentication), RBCommons or RBTools will prompt you for a 6-digit token code along with your username and password. This code will be generated on your device or sent to you via text message, depending on your preference.
For on-device token generation, we recommend using Google Authenticator or Authy. As part of the two-factor authentication setup process, you'll simply scan a barcode on your screen, and you'll be set!
Once you have two-factor authentication enabled, you'll be given a set of backup tokens. These are codes you can use to log in in the event that you no longer have access to your mobile device. Keep them secret. Keep them safe.
3. Use API Tokens for authentication
API Tokens are an alternative way to authenticate with RBCommons for clients that use the API. They're safer than storing passwords, and provide a bunch of handy features like access control policies.
You can generate as many API Tokens as you want through your My Account -> API Tokens page, and can give them full read/write access, read-only access, or even define custom access policies.
Tokens can also be revoked at any time without having to change your password.
API Tokens are great for custom scripts or for RBTools automation where you want to programmatically interact with RBCommons without exposing your password.