diff --git a/docs/link/admin/index.mdx b/docs/link/admin/index.mdx deleted file mode 100644 index a4bbcc9..0000000 --- a/docs/link/admin/index.mdx +++ /dev/null @@ -1,15 +0,0 @@ ---- -sidebar_label: Admin Guide -sidebar_position: 30 ---- - -import DocCardList from '@theme/DocCardList'; -import {useCurrentSidebarCategory} from '@docusaurus/theme-common'; - -# Admin Guide - -:::warning[Under construction] -This documentation is a work in progress. Please [get in touch with us](mailto:contact@sr2.uk) if you have any questions. -::: - - \ No newline at end of file diff --git a/docs/link/agent/index.mdx b/docs/link/agent/index.mdx deleted file mode 100644 index 2f76e30..0000000 --- a/docs/link/agent/index.mdx +++ /dev/null @@ -1,15 +0,0 @@ ---- -sidebar_label: Agent Guide -sidebar_position: 20 ---- - -import DocCardList from '@theme/DocCardList'; -import {useCurrentSidebarCategory} from '@docusaurus/theme-common'; - -# Agent Guide - -:::warning[Under construction] -This documentation is a work in progress. Please [get in touch with us](mailto:contact@sr2.uk) if you have any questions. -::: - - \ No newline at end of file diff --git a/docs/link/backups.md b/docs/link/backups.md new file mode 100644 index 0000000..3112fdc --- /dev/null +++ b/docs/link/backups.md @@ -0,0 +1,35 @@ +--- +title: Backups +sidebar_position: 90 +--- + +## Daily Backups + +We manage daily backups of your data and retain the backups for 7 days after creation. +As your helpdesk will constantly be updating with new tickets and replies we have not ever had a reason to retain +backups for longer than this, and we always try to minimise the amount of sensitive data we keep in "hot" storage. + +The backups take the form of a full disk snapshot so we are not able to restore individual tickets if they are +deleted accidentally, for example, we can only roll back the state of the whole helpdesk. + +The backups are stored on a physical server hosted in Hetzner's datacenter separate from your helpdesk's primary +storage. As the backups are a snapshot of the disk, the data is encrypted there with the same per-instance key that is +used to encrypt the primary storage (it's a byte-for-byte copy of the same encrypted data). + +If you need to request that a backup is restored for any reason, please +[contact our support helpdesk](https://www.sr2.uk/contact). + +## Exporting Helpdesk Data + +If you wish to export data yourself in CSV or similar formats, you can do so through the +[Zammad API](https://docs.zammad.org/en/latest/api/intro.html). + +## Receiving Regular Database Dumps + +If you are moving away from SR2 Cloud, see [our page on Moving Away](./moving_away.md). + +This feature is not currently available, however we plan to make available a feature that makes regular database dumps +available to you via our upcoming object storage system, which would be encrypted to your GPG key. +You would then be able to synchronise these to your local system. +If you require regular database dumps before this feature has been implemented, please +[contact our support helpdesk](https://www.sr2.uk/contact). diff --git a/docs/link/admin/e2e_channels.md b/docs/link/e2e_channels.md similarity index 99% rename from docs/link/admin/e2e_channels.md rename to docs/link/e2e_channels.md index 7549b74..7937345 100644 --- a/docs/link/admin/e2e_channels.md +++ b/docs/link/e2e_channels.md @@ -1,6 +1,6 @@ --- label: E2E channels -sidebar_position: 10 +sidebar_position: 40 description: Setting up E2E channels (Signal and WhatsApp) --- diff --git a/docs/link/hosted.md b/docs/link/hosted.md index eef953f..0540182 100644 --- a/docs/link/hosted.md +++ b/docs/link/hosted.md @@ -1,5 +1,5 @@ --- -sidebar_position: 50 +sidebar_position: 500 --- # CDR Link FAQ diff --git a/docs/link/logging_in.md b/docs/link/logging_in.md new file mode 100644 index 0000000..ce78992 --- /dev/null +++ b/docs/link/logging_in.md @@ -0,0 +1,13 @@ +--- +title: Logging In +sidebar_position: 20 +--- + +To log in to your instance, visit the helpdesk URL provided. This will usually end with **.link.sr2.uk** or +**.cdr.link**, or it may be a custom URL. + +To begin the login flow, select to login with "SR2 Cloud". + +![Screenshot of initial login screen](/docs/link/agent/login.png) + +You can then follow the instructions for [Single Sign-On](/docs/sso/) to complete the registration and login process. diff --git a/docs/link/admin/moving_away.md b/docs/link/moving_away.md similarity index 99% rename from docs/link/admin/moving_away.md rename to docs/link/moving_away.md index bbd1039..fefab06 100644 --- a/docs/link/admin/moving_away.md +++ b/docs/link/moving_away.md @@ -1,6 +1,6 @@ --- title: Moving Away -sidebar_position: 40 +sidebar_position: 100 --- ## Data Portability diff --git a/docs/link/agent/notifications.md b/docs/link/notifications.md similarity index 96% rename from docs/link/agent/notifications.md rename to docs/link/notifications.md index 5ce02e9..bae1728 100644 --- a/docs/link/agent/notifications.md +++ b/docs/link/notifications.md @@ -1,4 +1,7 @@ -# Notifications +--- +title: Notifications +sidebar_position: 20 +--- Our helpdesks support "desktop notifications", delivered when the agent is logged in to the helpdesk, and email notifications. diff --git a/docs/link/security.md b/docs/link/security.md new file mode 100644 index 0000000..834382d --- /dev/null +++ b/docs/link/security.md @@ -0,0 +1,27 @@ +--- +title: Security +sidebar_position: 50 +--- + +## Application Security + +Open Technology Funds’s Security Lab partner Assured Security Consultants performed a +[white box audit of Link](/docs/link/Assured-AB-CDR001v_CDR_Link.pdf) between October 7 and October 22, 2024. +A white box audit provides the tester with privileged access to the source code, testing infrastructure, and +documentation. +The audit included the Link application itself, its integrations with chat networks Signal and WhatsApp, as well as the +deployment and hosting infrastructure underlying a typical Link instance. Auditors performed a verification test in +December 2025 to validate fixes and mitigations in response to the original test. + +## Infrastructure Security + +Our Link instances run on SR2's vetted-access cloud, which in turn is hosted on servers rented from Hetzner Online GmbH. +The datacenter runs on [100% green electricity](https://cdn.hetzner.com/assets/Uploads/oekostrom-zertifikat-2025.pdf) +and has [stringent security measures](https://www.hetzner.com/assets/Uploads/downloads/Sicherheit-en.pdf) in place to +prevent unauthorised access. +Hetzner holds an [ISO 27001 certification](https://www.hetzner.com/assets/downloads/ISO-Certificate.pdf) relating to +the security measures in place, and there are no exclusions from the scope in regard to measures mentioned in Annex A. + +SR2 exclusively and manages the servers from Scotland via mutually authenticated, end-to-end encrypted channels. +All CDR Link helpdesk data is stored on a LUKS-encrypted volume with a per-instance key to protect the data at rest. +Hetzner staff have physical server access, but strict controls are in place to prevent unauthorised access. diff --git a/static/docs/link/Assured-AB-CDR001v_CDR_Link.pdf b/static/docs/link/Assured-AB-CDR001v_CDR_Link.pdf new file mode 100644 index 0000000..54ffca9 Binary files /dev/null and b/static/docs/link/Assured-AB-CDR001v_CDR_Link.pdf differ diff --git a/static/docs/link/agent/login.png b/static/docs/link/agent/login.png new file mode 100644 index 0000000..9fbf960 Binary files /dev/null and b/static/docs/link/agent/login.png differ