Architecture, Security, and Privacy

Last updated on June 20th, 2019

You can download a PDF version of this document here.

Our Systems

Our systems primarily reside in AWS and DigitalOcean, and are architected as follows:



Tablet displays run a native web app that authenticates to, and reads from, third-party calendar services such as Office 365 and G Suite. Your login credentials are sent directly to servers operated by Microsoft and Google; they are neither stored on nor passed through our servers. Once you have authenticated, a security token issued by Google or Microsoft is stored either on our servers or on your device, and is later used to access a limited range of calendar data.

Our servers store a minimal configuration file describing the options you have set in the Meeting Room 365 Admin portal. This file is loaded onto your device each time the display is accessed.

All network traffic is encrypted in transit (HTTPS, i.e. TLS). We avoid storing any PII (personally identifiable information) directly on our servers, with the exception of your account administration email address, which is part of your account. Billing is handled by a third party in a PCI-compliant data center.

Amazon AWS

ec2-13-56-48-87.us-west-1.compute.amazonaws.com

Continent: North America
Country: United States
State/Region: California
City: San Jose
Latitude: 37.3388 (37° 20′ 19.68′′ N)
Longitude: -121.8914 (121° 53′ 29.04′′ W)
Postal Code: 95141


AWS carries the following certifications, programs, reports, and third-party attestations:

CJIS, CSA, Cyber Essentials Plus, DoD SRG Levels 2 and 4, FedRAMP, FERPA, FIPS 140-2, FISMA &
DIACAP, GxP, HIPAA, IRAP, ISO 9001, ISO 27001, ISO 27017, ISO 27018, ITAR, MPAA, MTCS Tier 3,
NIST, PCI DSS Level 1, SOC 1, ISAE 3402, SOC 2, and SOC 3.
See https://d1.awsstatic.com/whitepapers/compliance/AWS_Risk_and_Compliance_Whitepaper.pdf for more details.

AWS Security Whitepaper:
(https://d0.awsstatic.com/whitepapers/Security/AWS%20Security%20Whitepaper.pdf)

Digitalocean

inetnum: 178.128.0.0 - 178.128.15.255
netname: DIGITALOCEAN
country: US
admin-c: PT7353-RIPE
tech-c: PT7353-RIPE
status: ASSIGNED PA
mnt-by: digitalocean
created: 2019-04-17T13:47:21Z
last-modified: 2019-04-17T13:47:21Z
source: RIPE


DigitalOcean is a cloud data-center provider with data storage locations worldwide. We primarily store data in its SFO (San Francisco) region, although we may expand to European and Asian (Singapore) data centers in the future to improve performance for customers in those regions.

DigitalOcean is certified to the international standard ISO/IEC 27001:2013. By achieving third-party-audited compliance with this globally recognized information security controls framework, DigitalOcean has demonstrated a commitment to protecting sensitive customer and company information. That commitment does not end with a compliance framework, but such a framework is a necessary baseline for security.

DigitalOcean has also received EU-U.S. and Swiss-U.S. Privacy Shield Certification, as well as SOC 2 Type II, and PCI-DSS certification.

You can read more here: https://www.digitalocean.com/legal/compliance/

Cloudflare (DNS)

DDoS protection, content distribution network, and DNS redundancy

Customer data does not pass through Cloudflare

Stripe (Payment Processing)

A third-party, PCI-compliant and GDPR-compliant billing provider.

Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.

You can read more here: https://stripe.com/docs/security/stripe

Office 365 and G Suite API Access

Your Office 365 and G Suite data is accessed via a delegated token, which is stored on either our server or your device. No end-user calendar data is stored: meeting times, subjects and participants are processed to determine room status but are never persisted.

To support the Room Finder and Analytics features, the following information is stored at 15-minute intervals:

Name of the Display
Whether the display is online, or offline
Whether the display is currently occupied, or available


Additionally, to store your display configuration, your meeting room email address is stored along with that configuration.
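The data-minimization boundary described above (calendar events are read, but only display name, online/offline and occupied/available survive into storage) can be made concrete in code. The following is an added example, not Meeting Room 365's own code: it derives the 15-minute status record from a batch of calendar events and enforces an allow-list of stored fields. The event schema, the heartbeat-based online check and the field names are assumptions made for illustration.

```python
"""Derive a minimal display-status record from calendar events.

Added example, not the product's own code. The CalendarEvent shape, the
heartbeat rule for "online", and the record field names are assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, Iterable, Optional, Tuple

# Only these keys may ever be written to the status store. Anything that
# identifies a meeting or a person (subject, attendees, start/end) is absent.
ALLOWED_FIELDS = frozenset({"display", "online", "occupied", "sampled_at"})

# A display that has not checked in within one sampling interval is offline.
HEARTBEAT_TIMEOUT = timedelta(minutes=15)


@dataclass(frozen=True)
class CalendarEvent:
    """Assumed shape of an event returned via the delegated calendar token."""
    start: datetime
    end: datetime
    subject: str
    attendees: Tuple[str, ...]


def is_occupied(events: Iterable[CalendarEvent], now: datetime) -> bool:
    """True if any event covers `now`. End is exclusive, so a room whose
    only meeting ends at 10:30 reads as available at exactly 10:30."""
    return any(e.start <= now < e.end for e in events)


def status_record(display_name: str,
                  events: Iterable[CalendarEvent],
                  now: datetime,
                  last_heartbeat: Optional[datetime]) -> Dict[str, object]:
    """Build the record stored on the 15-minute interval.

    The events are consumed only to compute a boolean; no subject, attendee
    or meeting-time value is copied into the result. `sampled_at` is the
    sampling timestamp, truncated to the minute, not a meeting time.
    """
    online = (last_heartbeat is not None
              and now - last_heartbeat <= HEARTBEAT_TIMEOUT)
    record: Dict[str, object] = {
        "display": display_name,
        "online": online,
        "occupied": is_occupied(events, now),
        "sampled_at": now.replace(second=0, microsecond=0).isoformat(),
    }
    # Fail closed: a future change that adds a field must also extend the
    # allow-list, which is where a reviewer will see it.
    unexpected = set(record) - ALLOWED_FIELDS
    if unexpected:
        raise ValueError(f"refusing to store non-minimal fields: {unexpected}")
    return record


# Constructed sample input (not real customer data).
NOW = datetime(2019, 6, 20, 10, 7, tzinfo=timezone.utc)
SAMPLE_EVENTS = (
    CalendarEvent(datetime(2019, 6, 20, 9, 0, tzinfo=timezone.utc),
                  datetime(2019, 6, 20, 9, 45, tzinfo=timezone.utc),
                  "Standup", ("alice@example.com",)),
    CalendarEvent(datetime(2019, 6, 20, 10, 0, tzinfo=timezone.utc),
                  datetime(2019, 6, 20, 10, 30, tzinfo=timezone.utc),
                  "Budget review", ("bob@example.com", "carol@example.com")),
)

if __name__ == "__main__":
    print(status_record("Boardroom A", SAMPLE_EVENTS, NOW,
                        last_heartbeat=NOW - timedelta(minutes=3)))
```

The allow-list check is the part worth copying: a privacy claim like "no meeting subjects or participants are stored" is easy to break with one well-meant schema change, and a hard failure at the write path surfaces that change in review rather than in an audit.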

Redundancy

We have no dependence on a single data center or provider for operations. Our servers are tested against, and can be deployed within minutes to, three common service providers, and because our DNS records use a very low TTL such a move takes effect quickly in the event of a major outage or disaster. Additionally, each of our providers operates across multiple data centers in multiple countries, giving us many options in the event of a large-scale system failure.

Backup systems

We store some data (display configurations) redundantly across data centers and providers so that no single point of failure can cause data loss. Additionally, backups are available to each user via their dashboard at any time.

Our databases are backed up daily and tested for integrity quarterly. Backups exist both on-site and, less frequently, off-site. "On-site" backups are kept on a separate physical server.

Our application is stored in a private Git repository (off-site), ensuring that any system can be rebuilt in the event of data loss. Additionally, our service providers offer reliable on-site backup systems which can be used to resolve any issues quickly and efficiently.

Privacy

We take privacy very seriously, and believe that the best way to protect your sensitive data is to eliminate the need to collect or store personal data (PII) wherever possible.

Because of this, we limit the amount of tracking and analytics data that is collected and stored, and limit its access to PII in all cases. In most cases, the only PII routinely stored or handled by our systems is your IP address and your account email address. The primary exception is the processing (without storage) of meeting event data, and of the tokens used to access that data.