A-051 - VPS-02 (Business Application Hosting)
Purpose
Host business application services and associated data storage.
Asset Type
- Infrastructure
Description
- Public VPS dedicated to hosting Dolibarr and its database
- Provides application runtime environment and storage
- Exposed to the internet for application access
Criticality
- Critical
Sensitivity
- Highly Sensitive
Exposure Level
- Public
Trust Zone
- Heaven
Dependencies
- Hosting provider infrastructure
- Network connectivity
Relationships
- Hosts Dolibarr (A-064) and Database (A-065)
- Directly exposes business application services
Security Position (Architecture Context)
- Concentrates business logic and sensitive data on a single host
- Compromise leads to full application and data access
- Limited isolation between application and database layers
Existing Protective Measures
- Restricted SSH access (key-based authentication)
- Database not publicly exposed
- Basic application-level access controls
Owner / Responsibility
- Operations Role (Ops)
Notes
- Transitional architecture with high risk concentration
- Planned improvements: backup, isolation, WAF, logging centralization