Security

 

Last updated on 2020-08-27

Protecting your information and the information of your customers is extremely important to us. We know you have questions about how we’re protecting that information, frequently requested details about Kiosk Browser/Launcher Remote Management’s information security is listed below.

Azure Data Centers

Primarily hosted in Azure North Europe region. They provide physical security protection measures and adhere to high quality standards.

Application Security

Security in our software is very important, we are frequently scanning for vulnerabilities. The service is secured by leading identity-as-a-service (IAAS) provider Auth0© which has number of features including brute force protection (limits the amount of failed logins from a suspicious IP address).

We also do the following:

  • Encrypt all your data in transit using TLS
  • Use transparent data encryption for SQL Database and backups
  • Rate limit IPs abusing the service
  • Strong password rules for username and password accounts + 2FA
  • Option to login with Google Account
Disaster Recovery/Business Continuity

We utilise Azure services in multiple regions, in most instances data is automatically replicated to another region so that we can quickly recover in the event that a data center is unavailable. We can also scale resources automatically based on demand to avoid any performance issues.

Team Security Practices
  • Security is the responsibility of each and every one of our employees, we provide training so that they can identify security risks.
  • Our systems and your data is restricted to only employees who need access, to provide you with first class support.
  • Use of 2-Factor-Authentication on all our 3rd party accounts (eg. Azure, Google Firebase, etc…)
  • We do not sell your data, our business is based on purchased services (pro licences, paid subscriptions)
  • Security and Data Privacy always comes first when implementing new features
FAQs
  • How long do we keep your data?
    We automatically delete data based on the information below.
    Expired Trial Accounts: 1 year
    Expired Subscription Accounts: 1 year
    Device events, device sessions, device locations: 30 days
    System Backups: 10 days
    Logs: 10 days
  • How can I report a security issue?
    Just send an email to [email protected]
  • Have you had an incident that resulted in a data breach?
    No, however if such an incident ever occurs we will post a full incident report (in public) and notify all customers.