Software
Firmware & software kept up to date
Displays leave the factory pre-installed with approved firmware and software. Further updates and upgrades all happen automatically over the internet (Firmware update when installing display - Installation Wizard / internet / Over The Air (OTA))without the need for user manipulation, substantially reducing the risk of (un)intentional wrongdoing and security breaches.
Complex settings are hidden
During the first boot we offer a setup wizard to allow non-technical personnel to configure the basic parameters of the display (language, date & time, network, enrolment into remote management, …). Furthermore, users can define their UI preferences (quick launch buttons on the home screen, theme, …). More complex settings are hidden for ordinary users and require in-depth knowledge and access rights.
Test routines or backdoors
No hidden “backdoor” communication or test routines have been implemented into the devices.
User data
User profiles are only for access rights
i3CONNECT has developed a system of user profiles that allow the segmentation of users into administrators, ordinary users and guest users, all but the latter protected by user names and passwords. This allows organisations to reduce the rights of ordinary users to change settings on the display.
No personal user data stored
No personal user data is stored on the display. Screen captures of whiteboarding and annotation can be shared locally and or stored on user protected network storage, if the user wishes to do so. Locally shared screenshots are removed from the system with a 4h expiration period.
Network security
Data encryption and protection
All external network communication is encrypted (e.g. using HTTPS protocols and TLS) using 256-bit AES. User passwords are never stored in machine readable version and user data is not accessible for 3rd parties. Backups of data are stored in an encrypted format.
Internal zero-trust policy
Our internal IT security policy forbids unauthorised access to communications & cloud app hosting servers and databases, and restricts unauthorised personnel from copying and/or distributing this information. Strict access management shields all environments, databases and infrastructure from unauthorised access.
Cloud infrastructure with AWS Ireland
i3CONNECT relies on major IP service providers for hosting its cloud infrastructure to ensure that best practices and high standards are being applied to service and data management. In particular, i3CONNECT’ cloud hosting infrastructure is based on Amazon Web Services (AWS) and hosted in an Amazon data center in Ireland. This high-end infrastructure meets the latest security and data privacy standards. This means that all data traffic between the i3CONNECT display application and the server is being encrypted and only a limited amount of people has access to the infrastructure. These individuals have no means to download, decrypt nor read sensitive information that resides on the server.
Remote connectivity and mailing
For remote connectivity and mailing services i3CONNECT uses the infrastructure of other trusted providers like Twilio and its Sendgrit subsidiary. They only provide connectivity or processing services, not user data is stored.
Identity management with Auth0
For access and identity management (‘user profiles’ in i3CONNECT Cortex and storing the cloud management credentials in i3WHITEBOARD) we make use of accredited and secure 3rd party service supplied by http://auth0.com.
Conclusion
As a customer you can benefit from the i3CONNECT’s solutions and remain confident that your data is compliant with core security and compliance requirements such as data locality, confidentiality, and protection.