The sdk encrypts the device data such as device status, charge status, usage duration, etc and more which can be configured as per the client requirements. Based on the Client needs, we also have dashboarding capability for better visualisation. With prior and proper permissions, Cardinal Robotics enables remote access for diagnostics in case of issues and obtaining device logs and running commands on the device such as update firmware, remote immobilisation of the asset, etc.The data is access controlled using comprehensive role based access control. The data retention policies are defined as per the client requirements.
We use Mutual Transport Layer Security (TLS) for two-way authentication between client and server. This ensures that both parties are who they claim to be. Additionally, TLS provides data encryption to protect sensitive information during transmission.
Our systems are configured to communicate by default only with authorized servers. This reduces the risk of data being intercepted or manipulated by unauthorized parties.
Only whitelisted stream's data is transmitted to servers by the agent. Users can dynamically change this behaviour from the web console or APIs using remote actions.
As an extra layer of security, we implement checksum and sig- nature verification for incoming data on devices. This ensures the integrity of the data received, confirming it has not been. tampered with during transmission
We implement Role-Based Access Control (RBAC) in our sys- tems. This security measure ensures that access to sensitive data and critical functions is granted based on predefined roles within the organization. Each role is assigned specific access rights and permissions based on their job responsibilities. This approach not only enhances security by limiting access to nec- essary resources but also simplifies the management of access rights.
We (optionally) deploy our systems on customer's premises ensuring customers maintain full control over their data
Our systems support multi-tenancy, allowing multiple users to share the same physical infrastructure while keeping their data isolated from each other.
We prioritize the protection of data. We have implemented data classification and handling protocols to ensure the appropriate level of protection is applied to each type of data. We use encryption for sensitive data, both at rest and in transit, to protect against unauthorized access.
We enforce the principle of least privilege, meaning individuals are granted only the access rights they need to perform their job functions. This includes implementing Role-Based Access Control (RBAC) and Single Sign-On (SSO) options with default roles. Access rights are regularly reviewed and revoked as necessary to minimize the risk of unauthorized access.
We deploy firewalls, intrusion detection systems, and intrusion prevention systems to protect our network. We also conduct regular network monitor- ing and analysis to detect and respond to any suspicious activities.