top of page
DALL·E 2024-03-17 14.04.13 - Enhance the current cloud-centric illustration by adding the

The reaching4 Tech Platform

Career Playground is a nextgen SaaS App, hosted on Microsoft Azure integrating with ChatGPT

Thank you for your interest in the reaching4 career playground. This document provides a summary of the technical platform and architecture for career playground.

This document is private and confidential and is shared with assigned technical officers representing client companies. It should not be shared with non-assigned technical officers without the specific permission of reaching4.

Topics:

  1. Platform

  2. Architecture

  3. Security

  4. Privacy

  5. Contact

 

PLATFORM:

Frontend Technology

  • The technology framework used is ASP.NET Core 6 MVC. The View Engine is Razor and Scripts are run using JavaScript and jQuery.

Backend Technology

  • The technology framework is ASP.NET Core 6 API and the database Azure SQL Server.

Cloud Hosting and Services

  • The Cloud hosting partner is Microsoft Azure. Services utilized include: Azure DevOps, Azure Boards, Azure Pipelines, Azure AI Services, Azure Security, Azure Key Vault, Azure Storage, Azure Webjobs and Azure SQL.

Third Party API’s

  • ChatGPT-4 API’s for prompting and data retrieval for example for roles and skills and Bing APIs for Personalization of Learning resources.

Development Environment

  • IDE: Visual Studio and Visual Studio code, SQL Server, and Git/GitHub.

Deployment

  • Code is deployed using Azure Pipelines and Azure App Services.

Story Tracking

  • Utilize Azure DevOps and Boards for end-to-end project tracking.

  • We use an agile methodology including user stories, tasks, and sprints to develop code.

Source Code Management

  • Utilize Azure Pipelines and Azure Repos for version control and management.

Monitoring and Loggings

  • Utilize Azure application insights including usage analytics and error tracking for performance monitoring.

Continuous Integration/Continuous Deployment

  • Configured with Azure Pipelines for automatic build on each commit.

  • Automated Production/Test environment deployment to Azure App Service after successful builds.

Data Backup and Recovery

  • Daily backups schedule.

  • Implemented versioning to track changes over time. This allows for recovery to a specific point in time, preventing the loss of historical data.

 

ARCHITECTURE:

  • The architecture diagram represents the key technology platform components, interactions, and relationships.

  • The key components are: .NET Core MVC, .NET Core API, and Azure services.

reaching4 architecture diagram.png

SECURITY:

Authentication and Authorization

  • Use Single sign-in and Active Directory for Authentication.

  • Enforce Multi-Factor Authentication (MFA) for enhanced security.

  • Use OTP authentication for users to sign in with username password credentials.

  • Utilize OpenID Connect for secure authentication and obtain tokens for accessing APIs.

  • Use RBAC authorization mechanisms to control access to different parts of the application based on user roles and permissions.

Secure Data Transmission

  • Use HTTPS to encrypt data transmitted between the client and server to ensure secure communication.

  • Ensure that all sensitive information, such as tokens, are transmitted securely over HTTPS.

Token Validation

  • Validate tokens received from APIs to ensure authenticity.

  • Implemented token expiration checks to manage token validity periods.

Cross-Site Scripting (XSS) Protection

  • Sanitize and validate user inputs to prevent cross-site scripting attacks.

  • Use anti-forgery tokens to protect against cross-site request forgery (CSRF) attacks.

Session Security

  • Use session management practices, including secure cookie attributes.

  • Implemented session timeouts to automatically log users out after 20 minutes of inactivity.

Logging and Monitoring

  • Implemented logging for security events and anomalies.

  • Integrated with Azure Monitor for centralized monitoring and analysis.

Azure AD Conditional Access

  • Implemented Azure AD Conditional Access policies to control access based on conditions such as device compliance, location, or user risk.

  • Enforced Multi-Factor Authentication (MFA) for enhanced security.

Security Headers

  • Pass appropriate security headers in HTTP responses, including Content Security Policy (CSP), Strict-Transport-Security (HSTS), and others.

Error Handling

  • Implemented secure error handling to avoid exposing sensitive information in error messages to users.

  • Log detailed error information for debugging purposes but handle errors gracefully for end-users.

Data Protection

  • Encrypt data at rest using appropriate encryption mechanisms.

  • Implemented data protection features provided by .NET Core to secure sensitive information.

API Security

  • Secured API’s endpoints with proper authentication and authorization mechanisms.

 

PRIVACY:

Personal Data Handling

  • We collect non-sensitive information required for the purpose of planning career moves, developing skills, and accessing personalized academy resources. We do not collect personal data beyond name, username, email address, user password.

Data Encryption

  • Data is encrypted both in transit and at rest.

Data Compliance Policies and Procedures

  • Established clear policies for data retention conforming to GDPR compliance.

  • Adopted Data Privacy policies as required by Microsoft Procurement compliance team, overseen by a 3rd party Data Privacy compliancy officer Home | Clark Nuber PS | Clark Nuber PS

  • Specific Data privacy policies and documentation available on request.

  • Includes annual compliance policy reviews and approval by Clark Nuber.

 Privacy Policy and Terms of Service

 

CONTACT:

The Technical team: newheights@reaching4.ai

Revision 3.2: Updated 2/26/2024.

bottom of page