Secure collection of your data
We do everything we can to keep your data secure and private, starting even before the data leaves your site. All connections from the gateway to our cloud are validated using an industry-standard 2048-bit RSA certificate, and data is encrypted in transit using 128-bit AES encryption.
To avoid compromising the security of your site, EcoStruxure IT is designed to use only HTTPS TLS 1.2 encrypted outbound connections on port 443 and cannot be contacted from the outside.
Secure processing and storage of your data
When your data reaches our cloud, it is processed by our cloud engine. In order to prevent unauthorized or even malicious access to our cloud system, all parts of the cloud engine are protected by state-of-the-art firewalls. In addition, our cloud network is configured to only allow access from specific sources (using Access Control Lists), and only a limited set of authorized personnel have access – and only through multi-factor authentication.
Beyond being secure, our cloud engine is fault tolerant and runs in a redundant configuration to ensure that none of your data is ever lost and that you never miss a critical event in your data center!
Before being committed to storage, your data is tagged as yours. Your data is segregated from other customers' data by a unique identifier. This way the system always knows which data belongs to whom. In addition, the cloud engine keeps a complete audit trail of the data received and the data processing, so we can always retrace our steps and see where your data has been and what it has been used for.
Data is stored at a Cloud Provider in the United States, which is EU-US Privacy Shield self-certified.
Securely accessing your data
After processing, your data is made available to you in the StruxureOn app. Being able to access your data everywhere is a great feature – but it can also be a huge security concern. We recognize this, and have designed and built the StruxureOn app to mitigate this concern.
We always transmit data to your app using HTTPS TLS 1.2. In addition, logging in to the app requires either a specifically generated one-time code sent to your mobile number, or using your device’s biometric security features. Of course, to ensure the security of data on your device, we recommend that you keep your device up to date with the latest security updates from your manufacturer, and that you lock your device using a strong passcode.
In today’s world, cybersecurity is a moving target. New threats and vulnerabilities are discovered daily. That’s why all personnel involved with the development of StruxureOn have undergone and continue to undergo rigorous cybersecurity training. Only cybersecurity-trained personnel have access to the StruxureOn systems, and they always use multifactor authentication to prove their identity. All access to all StruxureOn systems is securely logged and continuously audited.
StruxureOn is maintained and operated by a core DevOps team with extremely high standards for cyber security and data privacy. All parts of the StruxureOn system are continuously monitored and scanned for potential security vulnerabilities or privacy issues. The DevOps team is on-call 24/7 and able to react promptly to newly discovered threats or issues.
Continuous external security audits are performed.
HOW WE HANDLE YOUR DATA
We collect sensor data and alarms from critical infrastructure devices that you choose to share with us. We only collect data about the performance of your equipment, and metadata such as where it’s located and how old it is.
EcoStruxure IT does not access any data stored on your servers or storage, or monitor any traffic passed through your network.
WHAT DO WE USE YOUR DATA FOR
Firstly, we process and store it for you, so it’s available to you anywhere in the world through the Mobile Insights app. But more importantly, sharing your data with us allows us to optimize the services and products we provide, to help you optimize your data center, and to enable you to benchmark yourself with peers worldwide.
Frequently asked questions about security
HOW OFTEN IS DR PERFORMED FOR PRIMARY AND BACKUP SERVERS?
EcoStruxure IT runs in a high availability active-active configuration on all components, which means we’re constantly moving load between servers to avoid issues.
Databases are backed up once per day to a geographically replicated data store.
HOW IS CYBER SECURITY TESTED ON ECOSTRUXURE IT?
We continuously run automatic scans against our production environment. The scans cover both vulnerabilities in the servers and our own code. We use a selection of leading tools for DAST and SAST for dynamic and static validation.
HOW ARE NAMES, EMAIL ADDRESSES, AND PHONE NUMBERS STORED AND ENCRYPTED IN THE CLOUD?
Names, email addresses, phone numbers and passwords for users created in the EcoStruxure IT cloud are stored in Auth0. Auth0 is a third-party identity provider which conforms to the EU-US Privacy Shield and is SOC 2 Type II certified. For more information see: https://auth0.com/security
WHAT HAPPENS IN CASE OF SUSPICIOUS LOGIN ATTEMPTS?
After 10 unsuccessful and suspicious login attempts from the same IP, the user is blocked. If your account gets locked, send an email to firstname.lastname@example.org to unlock it.