Device Security
Firmware & Software Installation And Updates
i3CONNECT displays leave the factory pre-installed with firmware and software that has been inspected and approved by an i3CONNECT Quality Assurance engineer in Europe. Further updates and upgrades all happen automatically without the need for user manipulation, substantially reducing the risk of (un)intentional wrongdoing and security breaches.
During the first installation (boot) we offer a Setup Wizard to allow non-technical personnel to configure the basic parameters of the display (language, date & time, network, enrolment into remote management, …). Furthermore, users can define their UI preferences (quick launch buttons on the home screen, theme, …).
More complex settings are hidden for ordinary users and require in-depth knowledge and access rights.
We strictly check to ensure that no hidden “backdoor” communication or test routines have been implemented on any of our displays with the initial software, and every update.
User Profiles
i3CONNECT has developed a system of user profiles that allow the segmentation of users into administrators, ordinary users and guest users, all but the latter protected by user names and passwords. This allows organizations to reduce the rights of ordinary users to change settings on the display.
Personal User Data
No personal user data is stored on the display. Screen captures of whiteboarding and annotation can be shared locally and or stored on userprotected network storage, if they wish so. Locally shared screenshots are removed from the system with a 4 hour expiration period.
Secure Communications & Cloud App Hosting
Data Encryption & Data Protection
Network security is important to i3CONNECT. Therefore, all external network communication is being encrypted (e.g. using HTTPS protocols and TLS) using 256-bit AES. User passwords are never stored in machine readable version and user data is not accessible for 3rd parties.
Backups of data are also being stored in encrypted format.
Our internal IT security policy forbids unauthorized access to this servers and databases, and restricts unauthorized personnel from copying and/or distributing this information. Strict access management shields all environments, databases and infrastructure from unauthorized access.
Infrastructure with Major ISPs in Ireland
i3CONNECT relies on major IP service providers for hosting its cloud infrastructure to ensure that best practices and high standards are being applied to service and data management. In particular, i3CONNECTs cloud hosting infrastructure is based on Amazon Web Services (AWS) and hosted in an Amazon data center in Ireland. This high-end infrastructure meets the latest security and data privacy standards. This means that all data traffic between the i3- Technologies’ display application and the server is being encrypted and only a limited amount of people has access to the infrastructure. These individuals have no means to download, decrypt nor read sensitive information that resides on the server.
For remote connectivity and mailing services i3CONNECT uses the infrastructure of other trusted providers like Twilio and its Sendgrit subsidiary. They only provide connectivity or processing services, not user data is stored.
For access and identity management (‘user profiles’ in Cortex and storing the cloud management credentials in i3Whiteboard) we make use of accredited and secure 3rd party service supplied by http://auth0.com.
Hence, you as a customer can benefit from the i3CONNECTs solutions and remain confident that your data is compliant with core security and compliance requirements such as data locality, confidentiality, and protection.
These terms may change over time
i3CONNECT’ products are constantly evolving to improve customer functionality and user experience. This means that the effectively used cloud services and servers might evolve over time. Efforts have been made to check that information provided here to be correct and complete at the time of publication, subject to change without prior notice.