Disruptive Technologies has prioritized security and privacy throughout every part of the design and development process for our sensing solution, including chip design, sensor design, radio protocol design, cloud services and APIs.
Every layer of the Disruptive sensing solution is secure, from the individual sensors to the applications processing the data. Measurement and sensor identity data is encrypted within the sensors themselves. The data stays encrypted through radio transmission, cellular or Ethernet forwarding over the Internet until it reaches Disruptive’s secure cloud. The data is then passed to customers’ applications via encrypted protocols. Access control mechanisms in the Disruptive cloud provide controlled delivery of sensor data to designated processing systems.
Disruptive is committed to making sure customers enjoy simple installation, streamlined operation and low cost of maintenance. Security and privacy architecture and controls in the Disruptive sensing solution are designed to enhance productivity, not slow you down. With a fully secured system customers can focus on using data to meet their business goals and not worry about unintentional data access.
With SecureDataShot, we pair sensors directly with users, rather than with a gateway. This architecture virtually eliminates the potential for man-in-the-middle attacks which exploit gaps in security architecture linked to gateways.
Unlike IoT technology that connects devices and data through a gateway, Disruptive Technologies uses Cloud Connectors to remove typical security weak points in the IoT architecture and simplify implementation and maintenance. We call this revolutionary end-to-end secure solution SecureDataShot™.
Pairing sensors directly with users via a Cloud Connector is also easier and faster than using a gateway. In our architecture, multiple Cloud Connectors allow for roaming to eliminate bottlenecks. Initial installation and later extensions to an existing installation are significantly faster using the Disruptive architecture compared to a gateway-based system.
SecureDataShot™ removes typical “man in the middle” security weak points by using end-to-end encryption.
Security is built into the development and manufacturing of Disruptive’s sensing solution at every stage.
When it is manufactured, each sensor is assigned a unique 256-bit asymmetric encryption key. Key generation is managed by a tamper-proof, FIPS 140-2 Level 3 certified hardware security module.
The public part of the asymmetric encryption keys is exchanged with Disruptive’s cloud via encrypted channels. Encryption keys are installed in a physically secured production facility with limited and audited access control. When these keys are securely exchanged, the sensor and the cloud authenticate each other and establish a tamper-proof, end-to-end encrypted communication channel.
Disruptive has patents pending related to the secure, low-energy key exchange that takes place when a new sensor joins the Disruptive network. Disruptive Cloud Connectors are similarly provisioned with Transport Layer Security (TLS) certificates to establish secure connections and guard against man-in-the-middle attacks targeting the Disruptive Technologies cloud.
On the Disruptive cloud side, cryptographic keys are stored in separate components, which are locked down and unavailable to the rest of the system except for use in establishing session communication keys. For protection against loss, encrypted backups of device keys are stored in multiple secure locations.
All Disruptive system components are instrumented and monitored 24 hours per day, seven days per week. Anomalies outside operational parameters trigger alarms and automatically notify our response team to initiate escalation procedures.
Disruptive cloud components run in Google Cloud, operated by one of the most advanced security organizations in the world, with top-level security controls. We follow security best practices for each of the components in use. The Disruptive Cloud also uses Google infrastructure services and relies on the security of these services, and of Google, to protect against attacks.
The illustration above highlights the following characteristics of the system:
Disruptive has completed two independent security reviews, conducted by UL, a global safety consulting and certification company, and security expert Lars Lydersen.
"The EVM of the assessed components placed within the top 5-10% of Praetorian’s client-base. The overall security posture was found to be excellent with a minimal amount of low and informational risk findings."
Data processed through the Disruptive solution is owned by the customer. The Disruptive cloud collects data from connected sensors, such as temperature readings, humidity, button touches or door opening/closing events.
Customers may also add some metadata to the installation, such as naming the sensors or attaching key/value labels to them. It is by this process that the customer may create personal data out of the raw data delivered by sensors.
The data entered into the system by a customer via DT Studio or our APIs is protected by Disruptive as the property of the customer. Access to the data is controlled by the customer to the point that the customer must explicitly grant Disruptive Customer Service access if they would like assistance (e.g. using DT Studio).
By default our developers do not have access to production data. The number of Disruptive personnel with system access to production data is kept to a required minimum. Access to production data generates an audit log and a customer’s data protection policy specifies rules for such access. Data required by Disruptive to analyse sensor performance, energy consumption and lifetime estimates is managed according to contract terms for such use.
Customers can access data from sensors via Data Connectors and via the use of our API. Data Connectors are controlled through the same access mechanisms as other device information and can only be configured by personnel with sufficient permission levels.
Data Connectors push data to configured endpoints. Only encrypted channels are accepted. Customers can provide a secret to each Data Connector, which is used to cryptographically sign each event passed through that Data Connector. By verifying the signature on the receiving side, customers can confirm that no unauthorized third party can pass data into their reception point undetected.
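The receiving-side check described above, as an added example that is not Disruptive's own code: the page says each event is signed with a customer-supplied secret but does not state the algorithm, encoding or header name, so HMAC-SHA256 over the raw request body, carried in a header called "X-Event-Signature", is an assumption made here. The sample event and secret are constructed for the example.

```python
# Added example: verifying a shared-secret signature on events pushed by a
# Data Connector before the data is accepted into the reception point.
# ASSUMPTION: HMAC-SHA256 over the raw body, hex-encoded, in the header
# "X-Event-Signature". This is not Disruptive's documented scheme.
import hashlib
import hmac
import json

# Constructed secret; in practice this is the secret entered for the Data Connector.
SECRET = b"constructed-example-secret"

# Constructed sample event body (not a real Disruptive payload).
SAMPLE_EVENT = json.dumps({
    "eventId": "constructed-event-0001",
    "targetName": "projects/constructed/devices/constructed-sensor",
    "eventType": "temperature",
    "data": {"temperature": {"value": 21.5}},
}).encode("utf-8")


def sign_event(secret: bytes, body: bytes) -> str:
    """Return the hex HMAC-SHA256 of the raw body (assumed scheme)."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_event(secret: bytes, body: bytes, presented: str) -> bool:
    """Recompute the MAC over the raw bytes and compare in constant time.

    compare_digest avoids a timing side channel on the comparison itself.
    Verification runs on the raw body, before any JSON parsing, so a
    tampered or unsigned payload never reaches the parser.
    """
    expected = sign_event(secret, body)
    return hmac.compare_digest(expected, presented)


def handle_delivery(secret: bytes, headers: dict, body: bytes):
    """Accept an event only if its signature checks out; return None otherwise."""
    presented = headers.get("X-Event-Signature")
    if presented is None or not verify_event(secret, body, presented):
        return None  # reject: unauthenticated data must not enter the reception point
    return json.loads(body)


def demo() -> dict:
    """Run the happy path and two failure paths; return the outcomes."""
    good_headers = {"X-Event-Signature": sign_event(SECRET, SAMPLE_EVENT)}
    accepted = handle_delivery(SECRET, good_headers, SAMPLE_EVENT)

    # A third party alters the reading but cannot produce a valid MAC.
    tampered = SAMPLE_EVENT.replace(b"21.5", b"99.9")
    rejected_tampered = handle_delivery(SECRET, good_headers, tampered)

    # A delivery with no signature at all is also refused.
    rejected_unsigned = handle_delivery(SECRET, {}, SAMPLE_EVENT)

    return {
        "accepted": accepted,
        "rejected_tampered": rejected_tampered,
        "rejected_unsigned": rejected_unsigned,
    }


if __name__ == "__main__":
    print(demo())
```

A signature of this kind proves the event was produced by a holder of the secret; it does not by itself stop a previously valid event from being re-sent, so a receiver that cares about replay should also reject duplicate event identifiers or stale timestamps, using whatever fields the real payload carries.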
For some applications, the API allows setting up streaming connections that listen to a subset of sensors in a project. All API access is authorized through access rights granted to service accounts. The API user must authenticate the API access through valid service account credentials, and the service account access rights will limit what the API access will allow. Service accounts and their access rights are controlled by customers themselves, either through DT Studio or programmatically through the API.
Customers control access to projects and their organisation by granting roles to users and service accounts. It is the responsibility of the customer to manage who has access to their data through these mechanisms. Access management and labelling of raw data with user or project values can be done through the DT Studio user interface or via the API. Using these control mechanisms, customers can and must comply with regulations that may pertain to their collection of personal data.
The EU General Data Protection Regulation (“GDPR”), in force from 25 May 2018, is an important piece of legislation intended to strengthen and unify a consistent personal data protection regime across Europe. The GDPR applies to companies that collect and handle personal data from EU-based individuals, regardless of where the data is processed.
Personal data is defined as any information relating to an individual that can be directly or indirectly identified. The GDPR distinguishes between companies that act as data controllers and data processors. The data controller determines the purposes and means of processing personal data, while the data processor processes data on behalf of the data controller.
Customers will typically act as data controllers for any personal data they handle in connection with their use of Disruptive Technologies’ services, while Disruptive Technologies is a data processor. As data controllers, customers are required to assess whether their data processor is meeting the requirements of the GDPR.
Disruptive Technologies’ own corporate GDPR compliance includes implementation of technical and organisational measures to ensure a level of security appropriate to the risk, such as:
All sensor and Cloud Connector data are stored in the EU region of Google’s data centers. For customers in other regions, data will be stored in Google’s regional data centers. Google’s Cloud Platform is compliant with applicable EU regulations on privacy and data protection.
For everyone at Disruptive Technologies, security and privacy are a priority, not an afterthought. We have ensured security throughout our product design and development process by building in security controls and rigorously testing them. You can trust that only the people you designate have access to sensor data and data remains private and secure.