DUAL FACTOR AUTHENTICATION (2FA)

Dual-factor authentication (2FA), sometimes referred to as two-step verification or two-factor authentication, is a security process in which users provide two different authentication factors to verify themselves before access is granted.

By default, the Cloudview platform provides 2FA through email/password log on followed by either:

• Google Authenticator

• SMS Code (OTP)

• Secret Word

• Email Code (OTP)

2FA better protects both a user's credentials and the areas within the platform the user can access. Overall, Dual-factor authentication provides a higher level of security than authentication methods that depend on single-factor authentication (SFA), in which the user provides only one verification - typically, a password or passcode.

RSA-256 ENCRYPTION

To safely and securely transmit recorded video footage from the Cloudview Edge Device to the Cloudview platform, all footage is protected by an RSA-256 encryption.

Without heading into the technical detail, under RSA encryption, recorded footage from the remote video monitoring system is automatically encrypted by the Cloudview Edge Device with a code called a ‘public key’. Once the footage has been encrypted with the public key, it can only be decrypted by another key, known as the ‘private key’. This can only occur within the Cloudview platform meaning absolutely no footage can be accessed outside of the platform and without the necessary authorisation levels.

TRANSPORT LAYER SECURITY (TLS)

Transport Layer Security (TLS) encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit which is particularly useful for private and sensitive information.

In addition to using RSA-256 to encrypt the recorded footage, Cloudview then uses TLS to ensure its safe travel through the internet to the Cloudview platform where it can then be decrypted. This added layer of security ensures you can trust your footage is secure with Cloudview every step of the way.

THIRD PARTY PENETRATION TESTING

As the security of the Cloudview system is at the core of our business, prior to major releases, we undertake proactive testing by a third party to validate our system and identify potential weaknesses and/or security gaps. As a result, Cloudview customers can be confident that their data is safely stored, accessible 24/7 and their GDPR obligations are met.

SECURE SHELL (SSH)

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. As the Cloudview platform can be access from anywhere using leading internet browsers, the implemented SSH technology means you can feel assured that even when accessing your data from an unknown or potentially unsecure network location, your footage and data is always protected.

HYPERTEXT TRANSFER PROTOCOL SECURE (HTTPS)

HTTPS is the secure version of HTTP, which is the primary protocol used to send data between a web browser and a website. HTTPS is encrypted to increase security of data transfer. This is particularly important when transmitting sensitive data, such as by logging into a bank account, email service, or health insurance provider.

As the Cloudview platform is accessed via the internet, we use HTTPS to prevent our site from having information broadcast in a way that’s easily viewed by anyone snooping on the network. This then protects the transmission of users recorded footage over an unsecure medium, such as public Wi-Fi, from interception.

ROLE-BASED ACTION CONTROL (RBAC)

Cloudview uses Role-based access control (RBAC) to restrict access to areas of the platform based on a person's role within an organization.

Users of the Cloudview remote video monitoring system are only allowed to access the recorded footage and features within the platform necessary to effectively perform their job duties. Access can be based on several factors and is determined by the organisation’s individual policies and GDPR compliance procedures. 

PASSWORD POLICIES

Cloudview’s password policies are designed to allow administrators to set them based upon internal company policies. Passwords can set within the system at the following levels:

• LOW (Min 6 letters with at least one lower case, one upper case and one number)

• MED (Min 8 letters with at least one lower case, one upper case and one number)

• HIGH (Min 10 letters with at least one lower case, one upper case and one number)

In addition, an administrator can provide temporary access to a specific user, setting passwords to expire at a certain date or by choosing the length of time they are valid for.