Solr cloud hosting Open Menu
Documentation > OPENSOLR-Security > Information Security Policy

๐Ÿ›ก๏ธ Opensolr Information Security Policy

This document outlines Opensolrโ€™s current data security and privacy practices.
Our policies evolve with the industry, so please check back for updates or Contact Us with suggestions.

1. Introduction

  • Opensolr is ISO9001 & ISO27001 Certified
    (Recognized standards for quality and information security.)

  • Types of Data Processed:

    • Logical Data:
      • User identification and profile data.
      • Used to provide the Solr Cloud Hosting Platform and related services, managed securely with Role-Based Access Control (RBAC).
    • Solr Data:
      • The data you host with Opensolr, in your own designated environment/server.
      • Stored globally with leading datacenter and cloud providers, including:

2. ๐Ÿ”’ Confidentiality

  • All data types are protected under our GDPR Information Security Policies and our main privacy policy.

  • Logical Data:

    • Securely stored on encrypted Opensolr Main Data Servers (AWS Cloud).
    • Identifies each user (free, paid, or blocked status).
    • User activity logs are encrypted and provide a full transparency trail.
    • Only accessible to the Opensolr Account Owner via the Control Panel.
    • Security policies:
      • User/Password Authentication
      • Two-Factor Authentication (Authy/SMS, optional)

  • Solr Data:

    • Securely stored per your choice of datacenter/cloud.
    • Security policies:
      • SSL Data Transmission
      • HTTP Authentication
      • IP Access-Based Authorization
    • Accessible only to the Account Owner and invited team members (verified).
    • Never made public unless the Owner explicitly authorizes it, via our Support Helpdesk.

3. ๐Ÿงฉ Integrity

  • Logical Data (User Identity):
    • Not changed by Opensolr employees except:
      • Upon explicit owner request (via Support Helpdesk).
      • By the owner through the Control Panel (with full change logs).
  • Solr Data:
    • Updated/removed only by the Account Owner or authorized team members after passing security checks.

4. โšก Availability

  • All authorized users have reliable, timely access to Opensolr services.
  • Infrastructure is built for high availability and resilience, even during failures.
  • Risk mitigation & high availability:
    • Solr Data Backup tools for creating, downloading, or restoring data/configs.
    • Solr Index Replication for direct index replicas across regions.
    • Main system replication & redundancy worldwide.
    • Custom and third-party Web Application Firewall (WAF) systems (e.g., Apache mod_security).

5. ๐ŸŽฏ Authenticity

  • Uses the latest SSL standards and configurations for secure, authentic transfers.
  • Never requests or transfers biometric or location data.
  • All data transfers are subject to:
    • WAF AI verification (blocking/whitelisting)
    • SSL security keys and fingerprint verification for authentic transmissions

6. ๐Ÿ“ Non-Repudiation

  • Opensolr keeps detailed logs and revisions of all critical data transfers, user identification, and actions.
  • All support interactions are logged and revisioned via our Support Helpdesk System.

Questions or feedback?
Contact us here.