Cardinal Security

Solutions Page -> Cardinal Security

Cardinal Robotics offers Cardinal Security: a comprehensive and secure data collection capabilities for Robots that are connected to the internet.

The sdk encrypts the device data such as device status, charge status, usage duration, etc and more which can be configured as per the client requirements. Based on the Client needs, we also have dashboarding capability for better visualisation. With prior and proper permissions, Cardinal Robotics enables remote access for diagnostics in case of issues and obtaining device logs and running commands on the device such as update firmware, remote immobilisation of the asset, etc.The data is access controlled using comprehensive role based access control. The data retention policies are defined as per the client requirements.

  • Cardinal Robotics will provide a remote firewall management solution using which can control all the internet services a Robot can access.
  • The solution is OEM Agnostic with features such as Role based access control, data visualization and Over-the-air (OTA) update capabilities.
  • The Security solution will be deployed on infrastructure managed by Cardinal or on-prem based on client needs

MEASURES IN PLACE FOR YOUR DATA SECURITY

NETWORK SECURITY

Mutual TLS for 2-way Authentication and Data Encryption

We use Mutual Transport Layer Security (TLS) for two-way authentication between client and server. This ensures that both parties are who they claim to be. Additionally, TLS provides data encryption to protect sensitive information during transmission.

Default Communication with Authorized Servers Only

Our systems are configured to communicate by default only with authorized servers. This reduces the risk of data being intercepted or manipulated by unauthorized parties.

Dynamic Data Stream Access Control Lists

Only whitelisted stream's data is transmitted to servers by the agent. Users can dynamically change this behaviour from the web console or APIs using remote actions.

Checksum and Signature Verification for incoming actions

As an extra layer of security, we implement checksum and sig- nature verification for incoming data on devices. This ensures the integrity of the data received, confirming it has not been. tampered with during transmission

Role-Based Access Control

We implement Role-Based Access Control (RBAC) in our sys- tems. This security measure ensures that access to sensitive data and critical functions is granted based on predefined roles within the organization. Each role is assigned specific access rights and permissions based on their job responsibilities. This approach not only enhances security by limiting access to nec- essary resources but also simplifies the management of access rights.

On-premises Deployments

We (optionally) deploy our systems on customer's premises ensuring customers maintain full control over their data

Multitenancy

Our systems support multi-tenancy, allowing multiple users to share the same physical infrastructure while keeping their data isolated from each other.

SECURITY FEATURES

Data Protection

We prioritize the protection of data. We have implemented data classification and handling protocols to ensure the appropriate level of protection is applied to each type of data. We use encryption for sensitive data, both at rest and in transit, to protect against unauthorized access.

Access Control

We enforce the principle of least privilege, meaning individuals are granted only the access rights they need to perform their job functions. This includes implementing Role-Based Access Control (RBAC) and Single Sign-On (SSO) options with default roles. Access rights are regularly reviewed and revoked as necessary to minimize the risk of unauthorized access.

Network Security

We deploy firewalls, intrusion detection systems, and intrusion prevention systems to protect our network. We also conduct regular network monitor- ing and analysis to detect and respond to any suspicious activities.

Compliance with SOC2 and ISO 27001, HIPAA & GDPR standards