SECURITY
Built for businesses that take screens seriously.
RDS handles the credentials, content and device fleet of every customer. This page enumerates how we keep it safe — the same posture that passed our most recent internal security audit (May 2026).
01
Authentication
- Email-based 2FA, optional or mandatory per role. Trusted-device cookie (rds_mfa_trust, 30 days) so the second factor is not requested on every login.
- NIST-style password policy: 12-character minimum, 1,197-entry breached-password deny list, no trivial sequences, no username/email reuse. Live strength meter on every form.
- Hashed at rest: passwords stored with bcrypt + per-record salt. We never see plaintext.
- Idle session expiry after 15 minutes. AJAX returns HTTP 401 on expiry — no inline login HTML.
- Login throttling + account lockout after repeated failures. One-time password-reset token, valid for 1 hour.
02
Tenant isolation
- Every record is scoped by cf_empresa (company identifier).
- Row-level enforcement on every endpoint — no cross-tenant access, ever, not even for admins.
- Per-tenant quotas (max devices, images, videos, max video size) enforced at write time.
03
Data & hosting
- Hosted in AWS EU (Ireland) — data does not leave the EEA except for Stripe payment processing under Standard Contractual Clauses.
- HTTPS-only with HSTS preload. TLS 1.2 + 1.3, modern cipher suites only. SSL Labs A+ on rds.digitalsignagerds.com.
- Daily encrypted backups, 30-day retention.
- 30-day recycle bin for deleted images and videos.
04
Application hardening
- CSRF tokens on every state-changing endpoint.
- Strict file-upload validation: real MIME check (not the spoofable client header), size caps, extension whitelist. SVG and polyglot risks closed.
- Security headers on every response: HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, Content-Security-Policy.
- Stripe webhook signature verification (HMAC-SHA256) + idempotency ledger to prevent event replay.
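The webhook check in the last bullet, shown as an added example (not RDS's own code): it follows Stripe's documented Stripe-Signature scheme, a t= timestamp plus a v1= HMAC-SHA256 over "timestamp.payload". The 300-second tolerance, the SQLite ledger table and every name and sample value here are assumptions.

```python
import hashlib
import hmac
import json
import sqlite3

TOLERANCE_S = 300  # assumed freshness window, in seconds
SECRET = "whsec_constructed_example"  # constructed sample endpoint secret
PAYLOAD = b'{"id":"evt_constructed_001","type":"invoice.paid"}'  # constructed event

def verify_signature(payload: bytes, header: str, secret: str, now: float) -> bool:
    """Validate a Stripe-Signature header of the form t=<unix ts>,v1=<hex mac>."""
    timestamp, candidates = None, []
    for part in header.split(","):
        key, _, value = part.strip().partition("=")
        if key == "t":
            timestamp = value
        elif key == "v1":
            candidates.append(value)
    if not (timestamp and timestamp.isascii() and timestamp.isdigit() and candidates):
        return False
    if abs(now - int(timestamp)) > TOLERANCE_S:
        return False  # stale (or far-future) timestamp: treat as a replay
    signed = timestamp.encode() + b"." + payload  # MAC covers the raw body bytes
    expected = hmac.new(secret.encode(), signed, hashlib.sha256).hexdigest()
    # Constant-time comparison; several v1 values can appear during secret rotation.
    return any(hmac.compare_digest(expected.encode(), c.encode()) for c in candidates)

def open_ledger() -> sqlite3.Connection:
    """Idempotency ledger: the primary key makes each event id insertable once."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE stripe_events (event_id TEXT PRIMARY KEY, seen_at REAL)")
    return db

def handle_webhook(db, payload: bytes, header: str, secret: str, now: float) -> str:
    """Return 'rejected', 'duplicate' or 'processed' for one delivery."""
    if not verify_signature(payload, header, secret, now):
        return "rejected"
    event_id = json.loads(payload)["id"]  # parsed only after the MAC checks out
    try:
        with db:  # commit on success, roll back on error
            db.execute("INSERT INTO stripe_events VALUES (?, ?)", (event_id, now))
    except sqlite3.IntegrityError:
        return "duplicate"  # already handled: acknowledge, do not re-apply
    return "processed"

def sign(payload: bytes, secret: str, ts: int) -> str:
    """Test helper: build the header the sender would attach."""
    mac = hmac.new(secret.encode(), f"{ts}.".encode() + payload, hashlib.sha256)
    return f"t={ts},v1={mac.hexdigest()}"
```

The signature alone stops forged events, and the timestamp window stops old captures; the ledger covers the remaining case of a validly signed event delivered twice inside the window.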
05
- Outbound exclusively via AWS SES (EU-West-1) — DKIM + SPF + DMARC aligned.
- DonDominio SMTP (EU) as fallback relay.
- sender_canonical rewrite on the local Postfix — no spoofing in the outbound envelope.
- Bulk-email rate limit + audit trail on every marketing send.
06
Auditing
- Activity log per user action, 12-month retention.
- Login attempt history (timestamp, IP, success/fail).
- Stripe event ledger with idempotency + replay protection.
07
Compliance
- GDPR-aligned data retention windows (see the Privacy Policy for specific durations).
- Right of access, rectification, erasure, objection, restriction and portability — maximum 1-month response from receipt.
- Breach notification SLA: 72 hours (Art. 33 GDPR).
- Data processors all under Art. 28 DPAs: AWS EMEA (hosting + SES), Stripe Payments Europe, DonDominio.
08
Independent review
- Most recent internal security audit closed in May 2026. Outstanding items (low severity, deferred deliberately) tracked in our internal audit log.
- We do not currently hold SOC 2 or ISO 27001 certification.
Reporting a vulnerability
If you have found a security issue, please write to salvador@promotienda.es or privacidad@digitalsignagerds.com. We acknowledge within 48 hours and respond within 5 business days. We do not pursue legal action against good-faith researchers.
