DataStoragePolicy » History » Version 4
Adrian Georgescu, 06/04/2013 01:11 PM
| 1 | 4 | Adrian Georgescu | h1. Data Privacy and Storage Policy |
|---|---|---|---|
| 2 | 1 | Adrian Georgescu | |
| 3 | 3 | Adrian Georgescu | SIP2SIP is server infrastructure that relays information and stores information. If you are concerned about privacy of your own data and how it is used inside the platform, read below. |
| 4 | 1 | Adrian Georgescu | |
| 5 | h2. SIP Accounts |
||
| 6 | |||
| 7 | Accounts information is stored in the platform database. SIP account and SIP Settings web page passwords are stored in encrypted form in the database. |
||
| 8 | |||
| 9 | 2 | Adrian Georgescu | h2. Signaling |
| 10 | |||
| 11 | Signaling can be done in clear text using UDP and TCP protocols. You may use TLS for encrypting data between the end points and platform SIP servers. There is no guarantee that encryption will work end-to-end, the SIP signaling part of the platform provides only hop-by-hop signaling security. |
||
| 12 | |||
| 13 | 1 | Adrian Georgescu | h2. SIP Traces |
| 14 | |||
| 15 | All SIP signaling is stored in cleartext for the last 30 days in platform databases. |
||
| 16 | |||
| 17 | h2. Call Detail Records |
||
| 18 | |||
| 19 | Call Details Records are stored for up to six months in clear text format in platform databases. |
||
| 20 | |||
| 21 | 2 | Adrian Georgescu | h2. Offline Short Messaging |
| 22 | 1 | Adrian Georgescu | |
| 23 | 2 | Adrian Georgescu | Messages sent using SIP MESSAGE method that cannot be delivered to local users of the platform are stored for later delivery in cleartext format in the platform database. |
| 24 | 1 | Adrian Georgescu | |
| 25 | 2 | Adrian Georgescu | h2. Audio and Video |
| 26 | |||
| 27 | RTP streams are relayed by platform media relays. Actual data is not stored or copied anywhere. You may encrypt your data using sRTP but the encryption key is available in the signaling. Whomever has access to the signaling can potentially be able to decrypt any sRTP encrypted stream. If your end-points supports zRTP, the key is known only by the clients. |
||
| 28 | |||
| 29 | 1 | Adrian Georgescu | h2. Chat Messages |
| 30 | |||
| 31 | 2 | Adrian Georgescu | MSRP chat sessions are done over TLS connections via the platform MSRP relay servers. The content of the messages is not logged or stored anywhere. |
| 32 | |||
| 33 | Blink users can replicate the chat messages between multiple instances configured with the same account. The replicated chat messages are stored for 60 days in encrypted form in platform databases. The encryption key is not known by the server, only Blink clients posses the encryption and decryption key. If you are concerned about privacy you may disable chat replication in Blink. |
||
| 34 | |||
| 35 | h2. File Transfers |
||
| 36 | |||
| 37 | MSRP file transfer sessions are done over TLS connections via the platform MSRP relay servers. The content of the files is not logged or stored anywhere. |
||
| 38 | |||
| 39 | h2. Protecting your Privacy |
||
| 40 | |||
| 41 | To protect your data against being exposed over the Internet, do the following: |
||
| 42 | |||
| 43 | * Use TLS for SIP signaling |
||
| 44 | * Use zRTP for audio and video media if your end-points support it other wise sRTP |
||
| 45 | * Use TLS for MSRP media |
||
| 46 | |||
| 47 |