The SeeChange platform makes extensive use of image sensors, both privacy of the images they provide and the security of the platform from edge to cloud is paramount to the system design. The data pipeline and related security measures are summarised here.
Data residency
By default we host in the Azure Data Centre, hosted in the UK (Azure UK South Data Centre). Other locations are available.
Encryption
Data is encrypted in transit and at rest (device, cloud and mobile), aligned with industry standard end to end security protocols (RSA 2048, TLS 1.2).
Data isolation and auditing
Data is isolated via strict access control, making data only accessible by the intended user.
Access to data is traceable and is logged for 30 days.
Access control
User access control managed via internal access management procedures. System access control managed by internal system identity & access management service (e.g. SSO).
Verification
Security pattern is independently audited (by ISO27001)
Standards and specification
By default we host in the Azure Data Centre, hosted in the UK (Azure UK South Data Centre. Other locations are available
Security by design
Gateway software has been engineered to prevent off-site camera viewing
Inter-process communication secured by Mutual TLS (future)
Cross network communications secured using signed short life tokens
All security specifications are applied consistently across all parts of the application stack (device, cloud and mobile)
MFA enforced for all SeeChange access. MFA optional for customer
End to end design is independently reviewed (by ISO27001)
Response
Automated alerting around security events
Capability to integrate with Security Operations Centre
Streamline processes
Reduce risk and loss
Save time and resources
Protect profits