Teamlab. Stable, Safe & Secure

Today we’d like to tell you what measures TeamLab takes to guarantee your portal data protection and give some recommendations on how to secure data in a maximum efficient way.

What makes TeamLab secure and safe

We prevent such threats as  authentication  cookie thefts via cross-site scripting, SQL injections, Cross-Site  Request Forgery and other types of security dangers for your personal  data and the whole portal content by:

  • when a user submits Personal Information, it is kept on a private server not accessible  from the Internet. This limits the possibility of any malicious use of your Personal Information.
  • assigning authentication cookies with HttpOnly attributes and binding them to the portal user’s IP address to prevent any cookie theft;
  • having conducted a series of independent tests, aimed at detection of probable vulnerabilities to make sure that  TeamLab portals meet the most up-to-date security requirements and are  resistant against possible hacker attacks;
  • allowing only a user to change his/her password with the help of a special link forwarded to the registered email.  TeamLab neither submits passwords by email nor provides the  administrator with the corresponding rights;
  • providing backup permissions only to the portal owner to avoid any possible private data leaks.

SSL. Banking Security Connection for Your Data

Allowing  portal access only through the HTTP with SSL (Secure  Sockets Layer) encryption we prevent man-in-the-middle  attacks. This makes it impossible for any third party to interfere into the session  and get  any private information.

Amazon Stability and Backup

TeamLab portals  are hosted on Amazon Web Services (AWS), which is no doubt one of the  most well-established cloud computing platform today, providing 99,99999% stability guarantee. Apart from automatic data backup, you can make offline archiving and back up your portal manualy at any time. Just go to the Settings and choose “Perform Backup” option or follow these instructions. The BAK file can be downloaded directly to your computer.

Recommendation to the Portal Administrators

If you are a portal administrator, we recommend you to set all the Portal Settings in  a way that fully complies with your security requirements. Pay special  attention to the following parameters:

  • Trusted Mail Domain Settings. They allow you to specify the mail servers that can be used for user  self-registering in TeamLab. By default the settings are at the disabled  mode. The Custom domains option allows you to specify mail servers that you trust, for example, your corporate domain.
    So, if your portal contains some very important private or corporate information, make sure that Trusted Mail Domain Settings are disabled and use only the invitation link to add people to your portal. You can include the link to the email and send to the people outside  your portal so that they could join it. The link is valid for 3 days.
  • Password Strength Settings. Get use of them to determine the password strength in resisting guessing and brute-force attacks. Use the Minimal Password Length bar to determine how long the password should be to be considered  strong. Check the appropriate boxes below the bar to determine the  character set that must be used in the password.

Things to take into account while uploading files to the portal

  • images added to blogs, events, project discussions and comments can be accessed by a direct link without any authentication;
  • direct links to the attachments in forums, wiki files and images in the Photos section are temporary and valid for unauthorized access for only 15 minutes after the publishing on the portal;
  • links to the files stored in the Projects, Documents and CRM modules are available only for authorized use and only for users who have the corresponding rights

You can also read more tips on access rights management in our post here.

Alex

View Comments

  • We can hope a new version in for the beginning of August ?
    It is a priority to manage permissions without this option we can't use it...

    How much for the new version integrating the permissions feature ? ;)
    Have you just files that I can upload without publishing a version totally new..

    Thank you.

  • When the new version is downloadable on SourceForge.

    Without the new version is totally impossible to exploit the possibilities of this application because the permissions are too large... the registered users can create projects, etc... For client user integration, the enhanced permissions module is indispensable.

    • Currently we're analyzing the demand for our open source version and still haven't made up our mind when the new version is to be released and what functionality exactly it will include. We'll do our best to sort it out in the nearest future.

  • Hello, I created a blog post, but then deleted that post. However it is still present in the What's New section of my site as a link to the blogs. Any way of removing it?

    • Hello, when you delete the post, the history record still remains and you cannot remove it. If you think that it's necessary to introduce that option, you can vote for it in our feedback form.

  • My TeamLab keeps crashing, its a brand new install, runs for a few hours then crashes any ideas

    -
    -

    3
    2
    5
    0x80000000000000

    1155
    Application
    TEAMLAB.advancednutrients.com

    -
    System.ServiceModel.ServiceHostingEnvironment+HostingManager/867461
    System.ServiceModel.ServiceActivationException: The service '/Default.aspx' cannot be activated due to an exception during compilation. The exception message is: Compilation result for the service '~/Default.aspx' is empty.. ---> System.InvalidOperationException: Compilation result for the service '~/Default.aspx' is empty. at System.ServiceModel.ServiceHostingEnvironment.HostingManager.CreateService(String normalizedVirtualPath) at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(String normalizedVirtualPath) at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) --- End of inner exception stack trace --- at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) at System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String relativeVirtualPath)
    TeamLabSvc
    1948

    -
    -

    1334
    2
    0
    0x80000000000000

    1157
    Application
    TEAMLAB.advancednutrients.com

    -
    An unhandled exception occurred and the process was terminated. Application ID: f17acc35 Process ID: 2312 Exception: System.AccessViolationException Message: Attempted to read or write protected memory. This is often an indication that other memory is corrupt. StackTrace: at System.Data.SQLite.UnsafeNativeMethods.sqlite3_next_stmt(IntPtr db, IntPtr stmt) at System.Data.SQLite.SQLiteBase.ResetConnection(SQLiteConnectionHandle db) at System.Data.SQLite.SQLite3.Close() at System.Data.SQLite.SQLite3.Dispose(Boolean disposing) at System.Data.SQLite.SQLiteBase.Finalize()

Recent Posts

  • ONLYOFFICE

ONLYOFFICE Documents 5.0 for iOS is released

Great news, everyone! The version 5.0 of our free app ONLYOFFICE Documents for iOS is now available for download. Here’s…

2 days ago

ONLYOFFICE connector for ownCloud: welcome the new version

Good news, everyone! We’ve updated ONLYOFFICE integration app for ownCloud to version 3.0.1, offering you a few useful improvements. Learn…

4 days ago
  • Documents
  • Documents
  • Integration
  • Integration
  • Partnership
  • Partnership
  • What's new
  • What's new
  • What's new

ONLYOFFICE connector for Nextcloud v.3.0: watermarks, Mail Merge, demo server, and more

Hello everyone! We’ve updated ONLYOFFICE integration app for Nextcloud to version 3.0, with several cool features released. Read this post and…

1 week ago

ONLYOFFICE Editors v5.4: new features and where to find them

Great news, everyone! Version 5.4 of ONLYOFFICE Online Editors is already available with a lot of enhancements, including improved charts,…

2 weeks ago

ONLYOFFICE Summer 2019 Roundup

Hello everyone! Read this post to take a look at the latest releases, partnerships, events and other stories from ONLYOFFICE.…

3 weeks ago
  • Events

Busy autumn: ONLYOFFICE en route to conferences in Germany

Hello! Upcoming autumn months are going to be extremely productive for ONLYOFFICE team. Our schedule includes four important events in Berlin…

4 weeks ago

This website uses cookies. By continuing to browse the website you agree to our privacy policy.

our privacy policy