Hubstaff Security and Screenshot Uploading
Here are a few most commonly asked security and screenshot upload questions:
How are the desktop images uploaded to Amazon S3? Specifically what ports and protocol?
They are uploaded via SSL over the standard HTTPS port (443)
Does the client initiate the upload of desktop screen shots or is this done from the server?
The client does all screenshot uploading, screenshots never pass through the server.
Are the screenshots encrypted at rest on the amazon servers? To be HIPAA compliant data needs to be encrypted at rest as well as in transit.
We currently are encrypting at rest.
Are the keystrokes and screen shots uploaded at the same time? Do both the screen shots and keystroke count both use 443?
We do not upload keystrokes (We do not even store keystrokes locally). We upload the total seconds within a 10 min block that there was “activity” and the total seconds “worked” roughly every 10 minutes via SSL (port 443).