Management

When something unexpected happens Noodle will ask you what you were doing and email a stack trace to Vialect. Bug reports may also be sent to techsupport@vialect.com. Please use saleshelp@vialect.com for any other inquiries.

Please provide the following:

  • Steps to reproduce the issue, possible details:
    • The URL
    • The version of Noodle
    • The version of Web Browser
    • A username and password
    • An ordered list of buttons/links clicked
    • Sample file/data
  • Expected behavior, possible details:
    • 720p mockup of desired appearance with min and max sample data.
  • Actual behavior, possible details:
    • A full resolution screen shot including address and scroll bars
    • Web Browser console output
    • The source of any warning pages (wrong format, missing parameter)
    • The source of any email
    • A zip of the Noodle/log folder
  • Observe email educate
    • A short descriptive email subject
    • Reply to the email thread only for the the same issue
    • Don't make new threads for the same issue.
    • Avoid requesting thread history review.
    • Do not place legal or print notes in signatures or other bloat them.
    • Use test in favor of images
    • Use attachments not image overlays/embeds
    • Be concise.

Leaving out information leads to Vialect spending less time creating solutions and more time repeating themselves and linking to this page.

 

Answers to Frequently asked questions:

  • The support included in your Noodle subscription includes phone, email, and remote assistance for system administration, application usage, and troubleshooting.
  • Customization can normally be accomplished through the user interface which we help with by providing example scripts. Feature requests beyond customization cost extra valued on a per requirement basis.

Ask us more.

Information about our hosted security:

  • Rackspace standards, and certifications.
  • Amazon standards, and certifications.
  • Backups are taken daily for one day, and monthly for 3 years, encrypted, and stored in multiple cities. Optimal space conservation is used in favor of optimal recovery time.
  • Only the strong password protected ssh key of our security manager has full assess to hosted environments.
  • Stable Linux branches are used and security updates are evaluated or applied daily.
  • Data sovereignty; People who want to avoid government oversight should encrypt a local install and host the data with a less intrusive government.
  • Application Security
  • regulation compliance

Please contact us if you have specific questions about regulation compliance.

Information about Vialect Administrative security:

  • Staff workstations use annual fresh installs of OS X to avoid most malware.
  • Payment information is transmitted and stored offline.
  • Only Senior staff have access to sensitive information.

Public network application security options:

  • SSL (prevent passwords collection from public wifi)
  • White list (prevent application inspection from known hostile networks)
  • "Session Security Level" to 4 (prevent session hijacking)
  • "Minimum password length" to 8 (make password guessing harder)
  • Auto blacklisting block IPs that use the wrong password to often (defaults to 20 per minute)
  • 2 factor authentication
  • Authentication keys for RSS, and Calendar subscriptions.
  • Injection detection
  • Analytics
  • Active Directory Authentication

LAN security options for the server

  • Whole disk encription (prevents bypassing security by reading the disk with another computer)
  • Dedicated server (reduces exploitable surface area)
  • Linux OS (protects from windows malware)
  • Firewall blocking all but ssh and the noodle http[s] ports. (reduces exploitable surface area)
  • ssh keys (prevents password guessing on ssh)

Network

  1. On a network not (even indirectly) connected to the internet. (most secure)
  2. On a network only indirectly connected to the internet with no Microsoft windows devices on the network.
    • Encrypted VPN or better yet a ssh tunnel (use with keys will prevent MITMA from a spoofed wifi or an untrusted ISP or government)
    • Anonymity networks like tor can be used (optionally with ssl or ssh) (in practice will prevent anyone, including governments, from knowing what server a user is talking to)
  3. On a network only indirectly connected to the internet.
  4. On a public network with a firewall or NAT port forwarding blocking all but one port
  5. On a public network (least secure)