- 10 Jul 2024
- 1 Minute To Read
-
Print
-
DarkLight
-
PDF
Deployment - Data Security, Performance and Vulnerabilities
- Updated On 10 Jul 2024
- 1 Minute To Read
-
Print
-
DarkLight
-
PDF
The Whatfix solution is developed using globally accepted security measures. In this section, we outline how each of them works.
Whatfix Data Security
Whatfix does a routine security review and testing as an inherent part of the software development process to make sure there are no vulnerabilities in the application.
Whatfix maintains the following data security measures for its users:
- Whatfix export version is placed as a part of your web servers. It can attain the same level of security requirement as your other in-house products.
- The Whatfix JavaScript makes only GET requests (read-only requests) to your web servers. No external calls are made to any outside servers.
Whatfix JavaScript Architecture
After unzipping the compressed export file (.zip), your product team needs to integrate a single line Whatfix JavaScript from the extracted package into your application. Whatfix follows all the regular best practices in ensuring JavaScript security.
The design of Whatfix JavaScript ensures that:
- Only GET requests (read-only requests) are made to your servers from Whatfix’s JavaScript
- No calls are made from Whatfix’s JavaScript to any server except your server
- No third party libraries are used/required to run Whatfix on your application
- No need to have any specific libraries/software on your server. The unzipped file can be placed on any web server software
- Seamless operations with your CDN
Whatfix Security & Deployment Architecture
Vulnerability Scans and Penetration Test
Whatfix performs regular security assessments, penetration tests, and vulnerability scans along with multiple rounds of reviews. These tests ensure that nothing gets overlooked and human mistakes are rectified on time.
Failover
In the case of a failover, you can serve Whatfix JavaScript from multiple servers and use CDN for distributing the content.
Performance
Whatfix has a negligible impact on the performance of your application because of the following:
- The Whatfix JavaScript execution during page load takes approximately 400 milliseconds.
- The Whatfix JavaScript file gets cached at the browser side and ensures that the script is downloaded only once for the user (first-time access).
- The compressed Whatfix JavaScript is just 700 KB in size. The browser caches this file and ensures that the user downloads them only once (first access).