Security and authorization procedures over the internet continue to evolves and sometimes these procedures aren’t safe enough to be trusted from third party services. To develop an intense application like MYETV our developers must travel around the world and they must be free and not be forced to use some particular model of policy for theyr privacy data. The MYETV is a company that resides in the EU jurisdictions and developers, to develop this platform-[Platform]: [the the set of the main domain and all the subdomain of a particular website; also the computer architecture and equipment using a particular operating system], must follow the rules of this community also if they are in another country. No others third partyes policy should be forced to follow to or by our developers or collaborators.
We have different ways to connect to our infrastructures and all that ways have their own rules, unbreakable and decided by all of us. To simplify there are a list of things that should or should not be done when connecting to MYETV servers to work.
Direct connections (with or without supervisor)
These type of connections are maded the most of times by technicals and/or authorized personal (with a supervisor, if needed); working with encrypted data allow all our workers to work directly on the machines without the risks of data corruption/manipulation.
- (in direct-mode) Turn off mobile devices connection: this is a required step to work inside the webserver. Turn off in your computer every clients connected to third party net. Disable bluetooth and all bluetooth devices (if possible), unplug all USB devices not used for system purposes (like mouses or keyboards)
- (in direct mode) Accounts for the connections are builded instantly by administrators and they are temporarily for the time of the work to be done and with specific functions with authorizations enabled only for the specific works; when the time expired, the account-[Account]: [an Account contains the personal information that is assigned to those who register and access with email and password] will be disabled.
- (in direct-mode) A supervisor is required when direct connections happens outside the physical perimeter; this means that an expert must be able to give the possibility of connection and support the visitor for every aspect of the connection, untill the connection is closed
- (in direct-mode ftp-mode) Maximum concurrent connections are limited and connections are always monitored and only the administrators can authorize a specific accessAccess [the simple access to a website as a visitor]
- (in direct-mode ftp-mode http-mode) Change passwords every 3 months (where possible) and use encrypted vaults to storing them
- (in direct-mode ftp-mode http-mode) Uses certificates and encrypted channels for connection authorization: ftp->ftps and/or http->https
Administrators and moderators connection:
These type of connection are maded most of times via https and work with sensible datas of the platform; only moderators and the owner of the platform can access at it.
- Never share any link, image, file or data of any moderation section
- Never share the account used for this purposes with anybody
- MYETV platform and this blog have two completely different authentication methods
- (in direct-mode) all data are stored crypted and can’t be viewed/modified by unauthorized personal
- (in https-mode) all connections are traced and verified by the “MYETV’s Alpha” authorization system
Things that should not be done in any third-party websites:
- Never use the same passwords for any third-partyes services
- Never use a question-answer scheme of recovering password authentication
- Never use a mobile authenticator with your mobile number to authenticate yourself
- Be sure you are using an username / email / password different combinations for all the third partyes websites
- Always use your recognizable and verified email address and be sure everything is stored crypted
- Never downloads and install in your system any files that could damage our infrastructures
- Never connecting without a personal/organization firewall
Rules are for security purposes and should be followed unless you know what you are doing.
What could happens and what could be charged if somebody will be caught breaking rules:
- International Cyber Crime: https://en.wikipedia.org/wiki/International_cybercrime
- Cyber Bullying (online abuse): https://en.wikipedia.org/wiki/Cyberbullying
- Cyber Terrorism: https://en.wikipedia.org/wiki/Cyberterrorism
- Breach of Confidence: https://en.wikipedia.org/wiki/Breach_of_confidence
- Abuse of Power: https://en.wikipedia.org/wiki/Abuse_of_power
- Abusive Power and Control: https://en.wikipedia.org/wiki/Abusive_power_and_control
- Professional Abuse: https://en.wikipedia.org/wiki/Professional_abuse
- Computer Fraud: https://en.wikipedia.org/wiki/Computer_fraud
- Computer Fraud & Abuse Act (Trade Secret Abuses): https://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act
- Data Tefht: https://en.wikipedia.org/wiki/Data_theft
- Damage: https://en.wikipedia.org/wiki/Damage
The developers team.
