Security and Privacy

Overview

Security and Privacy are core values of the davinci platform. The davinci platform encompasses several layers of protection to harden your defense.

User Privacy

User privacy is a paramount concern of the davinci platform. While many users use the platform for educational purposes, many use it for business reasons and they need absolute guarantees of privacy. As such, davinci does not track its users or store any user information other than information that users post to the servers themselves.

Advertisements : any advertisements that are hosted on the davinci platform are chosen based on the content of the page in which they are hosted, not on any information about the user viewing the page.

Topics

• Page and Desktop Security
• Local
• Message Security

Data Security

There are two ways to add data to a blog or workspace.

• Embedded data - embedded data is data that is saved within the blog or workspace. When the blog or workspace is saved, the data is saved within the blog or workspace. That is, if the blog/workspace is saved to the server, the blog/workspace will be encrypted with the rest of the blog and saved to our secure servers. If saved locally, it will be embedded within the local file.
• Linked data - linked data is downloaded into memory from a URL whenever a user opens the given blog or workspace. It is never saved with the blog/workspace. That means that it will not be saved on a davinci server if the blog/workspace is saved there, nor will it be embedded in a file if saved locally. Access to the data occurs by requesting the data from a URL using the davinci authentication mechanism managed by the data authentication app.

For more information on data security and security options and scenarios, see data security.

Hosting your own Servers

For users/companies with extra privacy concerns for which they wish to save blogs, workspaces or other content to an online server but wish to be able to manage that server themselve, davinci gives those users the option of a hosting their own servers for hosting their content.

Your servers will host the following:

• Authentication information - authentication tokens and trusts
• Workspaces and Blogs
• Media - images, videos, audio and other media documents

Users will log into your network on your servers. In addition, you can enable users to log into the davinci servers and to save all the above items to your servers. (This requires saving an authentication token on the davinci server)

Users who log into the davinci server or some other network, can communicate with your servers if granted an authentication token by your adminstrators.

davinci servers are made ready to deploy on Amazon AWS, for customers who use Amazons cloud service. Davinci servers can be deployed on alternative servers with minimal customization.

For more information, please see server hosting

Verifying Users and Data

There may be times when you want to verify the identity of a user you are interacting with, or you want to verify who is the publisher of data being hosted on the platform. Davinci does not track or maintain user identities, unless those users have enrolled in user verification.

Once a user has their identity verified, other users can then verify thier identity, and any data they are hosting.

(for tips on verifying data not hosted on the platform, see verifying non hosted data.)