Safety and security principles of Consibio’s platform
Products and services by Consibio have always been designed with security in mind. The entire hardware and software platform are made with best-practices regarding security.
To describe the security principles of the Consibio platform, the platform can be separated into two distinct categories that both communicate with the Consibio Cloud:
- The Consibio Connectors, i.e. the physical IoT devices
- The browser web-app for user access
Consibio Cloud is the backend of the platform, where all the incoming data from Consibio Connectors (the hardware devices) is taken in, analyzed and stored securely. Data is transmitted both to and from the Connectors and the Web app, where several security measures are taken as outlined below.
We have integrated security and robustness features in our own hardware, such that both the physical hardware and the software that runs on our devices are intrinsically safe. Some of the security highlights regarding the Consibio Connectors and their communication to the Cloud, are:
- Secure boot – ensures that any executed software is from Consibio only.
- Flash encryption – all installed firmware stays encrypted.
- TLS communication – No eavesdropping, spoofing or untrusted communication between devices and cloud.
- End-to-end encrypted communication with modern public-key encryption.
- Cryptographically secured identities for each device.
- Embedded software on the devices are continuously updated over-the-air for patch management.
- Cloud service is hosted by a trusted 3rd party, enabling very high uptime.
- Every datapoint is encrypted
Web app for user access
Users access Consibio Cloud through the web app available at https://cloud.consibio.com. Therefore, the user access security most also be following the best-practices similar to the hardware security. Some of the security highlights regarding the User Access to the Consibio Cloud platform are:
- Role-based user management to allow different access levels to your data
- TLS communication between users and cloud, similar to the security at the device level.
The role-based user management features and permissions are described in greater detail in the Projects section of the Consibio platform Documentation.