darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2025-12-10 23:23:27 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
notifications-admin/app/templates/views/security.html

92 lines
5.3 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{% extends "base.html" %}
{% from "components/table.html" import mapping_table, row, text_field, edit_field, field with context %}
{% block per_page_title %}
Security
{% endblock %}
{% block content_column_content %}
<h1 class="font-body-2xl margin-bottom-3">Security</h1>
<p>Notify.gov is built for the needs of government services. It has processes in place to:</p>
<ul class="list list-bullet">
<li>protect user data</li>
<li>keep systems secure</li>
<li>manage risks around information</li>
</ul>
<h2 id="infrastructure">Infrastructure</h2>
<p>Notify.gov is comprised of two applications both running on <a href="https://www.cloud.gov">cloud.gov</a>:</p>
<ul class="list">
<li>Admin, a Flask website running on the python_buildpack which hosts agency user-facing UI</li>
<li>API, a Flask application running on the python_buildpack hosting the Notify API</li>
</ul>
<p>Notify.gov utilizes several cloud.gov-provided services through Amazon Web Services (AWS):</p>
<ul class="list">
<li>AWS S3 buckets for temporary file storage</li>
<li>AWS Elasticache (Redis) for caching data and enqueueing background tasks</li>
<li>AWS RDS (PostgreSQL) for system data storage</li>
</ul>
<p>Notify.gov also provisions and uses two AWS services via a <a href="https://github.com/GSA/datagov-ssb">supplemental service broker</a>:</p>
<ul class="list">
<li><a href="https://aws.amazon.com/sns/">AWS SNS</a> for sending SMS messages</li>
<li><a href="https://aws.amazon.com/ses/">AWS SES</a> for sending email messages (note: email function is currently unavailable to users for pilot)</li>
</ul>
<h2 id="current-security-review">Current security review</h2>
<p>Currently, Notify.gov operates under a GSA <a href="https://www.gsa.gov/system/files/Lightweight-Security-Authorization-Process-%28LATO%29%20%5BCIO-IT-Security-14-68-Rev-7%5D%2009-17-2021docx%20%281%29.pdf">Lightweight Authority to Operate (LATO)</a>. This federal security authorization
process leverages security controls provided by National Institute of Standards and Technology (NIST). The process is
focused on operational security from both a functional and assurance perspective.</p>
<p>We are pursuing a full Authority to Operate (ATO)</p>
<h2 id="data">Data</h2>
<p>To send a message, agencies upload a spreadsheet of phone numbers and other necessary data from their existing data
management system. On Notify.gov, data is encrypted when it passes through the service and when its stored on the
service.</p>
<p>Notify.gov is not a system of record and as a result does not have a SORN. Agencies are responsible for managing their
data outside of Notify.gov.</p>
<ul class="list">
<li>Notify stores data within the cloud.gov-managed PostgreSQL database and <a href="https://cloud.gov/docs/services/s3/#encryption">S3 buckets</a>. The entire database is <a href="https://cloud.gov/docs/services/relational-database/#encryption">encrypted at
the disk level</a>.</li>
<li>Additionally, data is encrypted at the field level when it is stored in the database, using OpenSSL 3.0.8 via the Python
cryptography library. The implementation is available <a href="https://github.com/GSA/notifications-utils/blob/main/notifications_utils/clients/encryption/encryption_client.py">on GitHub</a>.</li>
</ul>
<h2 id="data-retention">Data retention</h2>
<p>Any recipient data uploaded is only held for seven days; all personally identifiable information (PII) is deleted for
successful messages, so data is retained only for unsuccessful messages.
</p>
<h2 id="technical-security">Technical security</h2>
<h3 class="font-body-lg">Protect sensitive information</h3>
<p>Some messages include sensitive information like security codes or password reset links.</p>
<p>If youre sending a message with sensitive information, you can choose to hide those details on the Notify dashboard once the message has been sent. This means that only the message recipient will be able to see that information.</p>
<img src="{{ asset_url('images/product/security-review-message.png') }}"
alt="Screenshot of a test message in review with the link to 'Hide all personalized and conditional content after sending for increased privacy protection' emphasized.">
<h3 class="font-body-lg">Two-factor authentication</h3>
<p>To sign in to Notify, youll need to enter:</p>
<ul class="list list-bullet">
<li>your email address and password</li>
<li>a text message code that Notify sends to your phone</li>
</ul>
<p>If signing in with a text message is a problem for your team, <a class="usa-link" href="{{ url_for('main.support') }}">contact us</a> to find out about using an email link instead.</p>
<h3>User permissions and signing in</h3>
<p>You can set different user permissions in Notify. This lets you control who in your team has access to certain parts of
the service.</p>
<h3>Multi-factor authentication (MFA)</h3>
<p>Notify.gov uses <a href="https://login.gov/">Login.gov</a> to authenticate users.</p>
<ul class="list">
<li>Your email address and password</li>
<li>A code from an authenticator app or sent by Login.gov in the form of a text message</li>
</ul>
<p>If signing in with a text message is a problem for your team, <a href="https://beta.notify.gov/support">contact us</a> to find out about using an email link instead.</p>
{% endblock %}
Reference in New Issue View Git Blame Copy Permalink