In today’s digital age, most of the industries heavily rely on data to drive innovation and operational efficiency. From supply chain management to production planning, data plays a crucial role in every aspect of the manufacturing process. However, the use of external sources and cloud-based technologies has made it increasingly challenging to protect sensitive industrial data. As a result, it has become imperative for companies to ensure that their data is stored, processed, and transferred securely. Failure to do so not only poses a significant risk to the confidentiality and integrity of the data but can also result in financial and reputational damage for the organization.
At VSight, we understand the importance of protecting our customers’ data, which is why we constantly focus on privacy and security comprehensively. We believe that building a robust privacy and security program is the first step in gaining our customers’ trust and confidence in how we value, treat, and safeguard their data. Our commitment to complying with the General Data Protection Regulation (GDPR) is unwavering, and we have dedicated significant resources to ensure compliance.
Our sensitivity to complying with these regulations ensures that our customers’ data is processed and stored securely and that their privacy is protected. By applying state-of-the-art security and privacy measures and adhering to international security compliance standards, we aim to provide our customers with the highest level of protection for their sensitive organizational information.
In this blog post, I will outline these measures and elaborate on our efforts to respect and protect the privacy of our visitors and users in compliance with GDPR, also with other privacy protection laws such as CCPA and HIPAA.
Data Storage
Having flexibility in data storage is crucial for organizations to efficiently manage their data. It allows them to choose the best storage option that suits their needs, whether it be cloud storage, physical storage, or a combination of both. This flexibility also enables them to easily scale up or down their storage capacity based on their changing requirements and ensures their data is accessible from anywhere, improving collaboration and productivity.
We offer several options to our customers when it comes to data storage to choose between storing their data on our US or EU servers. This option allows our customers to comply with data privacy regulations, such as GDPR, and ensures that their data is stored in the location that best meets their operational needs. Additionally, our data processing environment is built on the Google Cloud platform. This means that our customers can take advantage of the scalability and reliability of the Google Cloud platform while benefiting from the geographically located data centers that also comply with GDPR and other data privacy regulations.
Apart from the cloud-based options, it is also possible to store the data on your own private cloud or physical server as VSight offers REST API and WebDav integrations upon request. We believe that offering a choice of data storage location and leveraging the Google Cloud platform’s capabilities demonstrate our commitment to providing our customers with the highest level of security and privacy for their sensitive data.
Our platform uses physically secure data centers, which include facilities provided by major cloud storage vendors such as Google Cloud and Microsoft Azure. In particular, we use Google Cloud Datastore as our cloud storage vendor, which are all compliant with certain international information security standards. You can learn more about cloud storage and the organizational security measures VSight implements from this link.
2FA for the Admin Panel
One way to add an extra layer of protection to your account is by implementing two-factor authentication (2FA). 2FA is a security feature that requires users to provide two forms of identification before granting access to an account, making it even more difficult for hackers to gain unauthorized access. With the increasing frequency of cyber-attacks and data breaches, 2FA has become an essential security measure for organizations.
VSight platforms recognize the importance of having strong password management practices to maintain high security standards. In addition to enforcing a set of password requirements, such as minimum length and complexity, and the option to set the specific requirement for password by the admin, we offer an additional layer of security through two-factor authentication (2FA). By enabling 2FA, users can add an extra level of protection to their accounts by requiring a physical device to complete the second authentication factor. This means that even if an attacker gains access to a user’s password, they will still be unable to access their account without the physical device needed to complete the 2FA process.
Moreover, all the data transactions are encrypted in our platforms. To see further details about API security, encryption standards and the overall security mesures that VSight has for authentication, you can visit our dedicated page for security.
End-User Security & Data Encryption
End-user security and data encryption have become essential components in safeguarding sensitive information against cyber threats. With the rise of remote work and cloud-based services, protecting end-users and their devices is more critical than ever. End-user security refers to the measures put in place to ensure that the end-user devices and data remain secure from unauthorized access, theft, or misuse. Data encryption is a fundamental aspect of end-user security and involves encoding sensitive information to prevent unauthorized access.
VSight is aware of the potential internal security risks that may arise from compromised end-user machines used by its employees. To address this, we have implemented a comprehensive set of security measures. These measures include hard drive encryption to protect data, secure data erasure upon decommissioning of laptops, virus/malware protection with automated updates, browsing/traffic control to monitor and filter network traffic, and centralized domain-based authentication. Through these measures, VSight aims to minimize the risks associated with compromised end-user machines and ensure the highest level of security for its employees and customers.
Moreover, to ensure the protection of its customers’ data, VSight has implemented two key strategies: data encryption for long-term data and limited data retention for short-lived data. VSight retains data processing logs for a minimum of three days, after which they are securely deleted. Additionally, upon a customer’s request, VSight provides true data anonymization through data redaction, which is a one-way process that substitutes original data with a predefined set of characters that reveal no information on the original data except that it was anonymized. This approach allows VSight to offer customers the ability to keep their data private and secure while adhering to applicable legal requirements.
To learn more about VSight’s end-user security measures, data encryption and secure data redaction, you can check this link.
360° Awareness in Security
Providing assistance for our customers to reduce downtime and increase operational efficiency is one of our key goals in VSight. To achieve that, we are constantly monitoring every step that we take about our platforms, including updates and new releases to avoid any potential problem that can cause a security breach or a possible downtime of our own services. Achieving it requires a full-fledged awareness in security.
We keep a close eye on notifications and alerts from multiple sources to detect and handle potential dangers. Before making any code available, we check it for security weaknesses, and we regularly scan our network and systems. Once the tests are done, our engineering team reviews the results. If a new or unfamiliar risk is discovered, it’s logged in our internal issue tracking system and evaluated by our software engineering security panel, who are responsible for addressing any issues. In case fixes are necessary to lessen the risks, they’ll be prioritized based on their severity and scheduled in a way that minimizes service disruptions.
Security & Protection Merged with Flexibility
The layers of security and the protective measures we implement in our platforms also work together with our value proposition of enhanced collaboration by removing physical boundaries. Depending on the geographical location, industry or the scope of operations of our customers, it is possible to choose certain preferences regarding security and data storage. The main highlights of our emphasis and offerings regarding security of our users can be listed as;
- Flexible data storage preferences (US, EU or internal servers; duration of the storage)
- 2FA and custom password requirements by the admin
- Device based end-user security
- Strong encryption methods
- Full-fledged security awareness and monitoring
The importance of data security in today’s industrial operations cannot be overstated. With the increasing use of external sources and cloud-based technologies, companies face a daunting task of protecting sensitive data. As VSight, we recognize the significance of data protection, and our comprehensive privacy and security program is a testament to our commitment to ensuring the highest level of security and privacy for our customers’ data. We offer flexible data storage options, 2FA for the admin panel, and end-user security and data encryption measures to safeguard sensitive information against cyber threats and many more. By complying with the GDPR and adhering to international security compliance standards, we guarantee that our customers’ data is processed and stored securely, and their privacy is protected.
As VSight, we apply best state-of-the-art security practices complying with the international security rules and compliance. The encryption infrastructure is applied in all our software components for maximum protection. The protective measures and flexibility offered to our customers are to ensure that the customers data remains to be their data securely, enabling them to collaborate with each other in our platforms where they don’t need to worry about their security and protection to maximize efficiency during their industrial operations.
