Skip to main content

RChilli- Security & Privacy Guide for On Premises Setup

RChilli Support
  • Updated

Here is a comprehensive overview of RChilli's Security & Privacy Guide for On-Premises Setup, based on the latest internal documentation:

πŸ” RChilli Security & Privacy for On-Premises Deployment

When deploying RChilli products on-premises, maintaining robust security and privacy is central to ensuring compliance and safeguarding sensitive data. RChilli adheres to global standards, integrating security into every phase of product development and deployment.

βœ… Certifications & Compliance

RChilli's infrastructure and software are certified under several major standards, demonstrating a strong commitment to security and compliance:

  • ISO/IEC 27001:2022 (Valid until Feb 2027)

  • SOC 2 Type 2 (Valid until Jan 2025)

  • PCI DSS and HIPAA (Valid through 2024)

  • FedRAMP Moderate is in progress (Est. July 2024)

These certifications validate that RChilli enforces industry-standard policies, procedures, and controls to secure data both at rest and in transit.

🧱 Security in On-Premises Setup

For on-premise setups, especially those deployed via Docker, RChilli requires specific system configurations to maintain optimal security and performance:

Minimum System Requirements:

  • 64-bit Linux Server (Recommended: CentOS 8/9, Ubuntu, Amazon Linux)

  • 16-Core Processor, 3.x GHz frequency

  • 64 GB RAM or higher

  • 100 GB root volume storage

  • Docker Environment Setup with API authentication

Reference Guide: Installing RChilli API Using Docker

πŸ”’ Data Security Practices

RChilli’s on-prem API services enforce the following:

  • REST API Authentication using user keys

  • Secure API calls with HTTPS

  • Data isolation per user key

  • No data storage β€” parsed resumes are not retained unless explicitly indexed

Even for on-prem deployments, RChilli maintains the same security-first principles as in cloud models.

🌐 Access Control and Network Security

  • User-based access control: Authentication through secure API tokens (user key, subuser ID)

  • No internet dependency: Once deployed, all operations (resume parsing, matching, etc.) occur locally

  • Network segmentation and firewall configurations are recommended to restrict access

πŸ“Š Data Handling Transparency

For on-prem deployments:

  • No external data transmission is required for parsing or indexing

  • Customers maintain complete control over data lifecycle

  • Logs and API usage data remain within the local environment

πŸ›‘οΈ Recommendations for Enhanced On-Prem Security

  1. Use internal SSL certificates for Docker environments to secure internal APIs.

  2. Enforce role-based access controls within your local systems managing RChilli services.

  3. Limit network access to the RChilli services to only trusted IPs or systems.

  4. Regularly update Docker containers using RChilli-provided secure base images.

πŸ“© Need Help?

For advanced security consultations or assistance with configuring an on-premises setup, contact: Email: support@rchilli.com

Related articles

Comments

0 comments

Please sign in to leave a comment.