Skip to main content

Security in Consibio Cloud

Consibio Support Team
Updated

Consibio Cloud is a platform for easily collecting remote data from IoT dataloggers and handling all the data processing, analysis, storage and visualisation alongside the tools needed for managing the dataloggers. 

In the setup, there are 3 main parties/layers that exchange data:

  1. Dataloggers: Sample measurements and sends them to the cloud.
  2. Consibio Cloud: The central hub for storing and managing all data, configurations and analysis
  3. External accessors: Human users that access Consibio Cloud through a user interface and service accounts that access the data programatically.

 

Each layer in this model - and the exchange of data between the layers - is protected using the best-in class security using industry standards:

 

 

 

Dataloggers

  • Uses a secure boot mechanism to ensure that on-device flash is verified on each reset.
  • Potential vulnerabilities are continuously patched via Over-The-Air (OTA) updates. All updates are signed and must be verified before its executed on the device.
  • Communication sessions are always initiated by the device going out to Consibio Cloud, so there are no open services or ports on the device. 3rd parties cannot communicate with the devices.
  • All communication links are encrypted using TLS v1.3
  • Each device uses individual x509 certificates for authentication.

 

Consibio Cloud

  • All services are hosted by a trusted 3rd party ensuring a very high uptime and automatic, global scalability.
  • All stored data is encrypted at rest
  • Multiple services are scanning all activity for any vulnerabilities or malicious requests.
  • All in- and outgoing communication channels require strong authentication and TLS encryption.
  • All data is divided into sandboxed "projects". Users are granted role-based access to data on the project level.
  • Data backup is performed daily and stored for at least 1 month.

 

Users and external accessors

  • Role-based user management handles access to data.
  • 3rd party services can access data on a role-based level using the Consibio Cloud REST API.
  • All unauthenticated access requests are denied.
  • All data requests must be made on a TLS encrypted link.

Related articles