Consulting Policy
This page contains information about how we will work together, and which guarantees Vettabase will offer to your organisation.
Non-disclosure agreement
Information about your infrastructure and your business will never be used or disclosed without your permission.
We are available to sign a non-disclosure agreement (NDA) before beginning the consulting work.
Credentials to your systems
We will use a virtual private network (VPN) if required. However, it is important that a proper client exists for Linux.
Access to your systems will happen via ssh, with key-based authentication. We will send you a public key.
If further passwords or credentials need to be communicated, they can be placed on the server that we will be able to access via ssh. The file will be deleted from the server as soon as we get the information. In this way, no passwords need to be sent directly to us, in any form.
It is highly recommended that we use a jumphost. It will be the only server that we will directly access. We will then access other servers and services from the jumphost.
Sensitive information protection
On our side, your secrets and sensitive information will be protected in the following ways:
- No sensitive information will be stored in a clear form or sent over a network in an unprotected way;
- No sensitive information will be left on a device usable by other persons without the necessary protections (for example, they will not be in a laptop without password on a table);
- In case a device containing your sensitive information is stolen, you will be immediately alerted.
Communications
Normal communications will happen via:
- emails;
- a Slack channel;
- Skype, Zoom or Telegram.
No secrets or other sensitive information will be communicated using these channels without end to end cryptography.
Questions
In case of further doubts or questions, please contact us.