As IoT solutions begin to be deployed at mass scale the question of security becomes even more important. As far as connected coolers are concerned, it is vital that your data is safe, from the moment your assets are connected.
The process for ensuring the security of your data begins at the point of asset manufacture. Nexo uses a proprietary system to lock the controllers to the owner of the asset. Once the asset has been deployed, only users with the proper credentials are able to connect to the asset.
The next layer of security is then applied. Nexo employs a best in class industry standard authentication mechanism which grants specific roles to specific users. These are controlled in the cloud by a central administrator. As standard, Nexo provisions for Service Engineer and Sales Rep roles with a variety of access levels.
A system which provides single user access to devices is particularly vulnerable to mass hacks, as we have seen in this article from Tech Crunch. In contrast Nexo provides unique credentials for individual users, coupled with strong password policies. Individual accounts can be disabled and passwords reset by the central administrator. Ensuring former employees or dissolved third-party partnerships, amongst others, can be blocked from accessing data. This process significantly reduces the potential for any hacks, but in particular mass hacks.
A further security check is completed when the mobile application attempts to connect with any Nexo enabled controller, ensuring that the cooler owner and the mobile application user belong to the same company, and that the user is authorized to connect to the controller. These checks are all completed before data is sync’d onto the mobile device.
The next security layer is in place at the point data is sent into the cloud infrastructure where Nexo maintains a database of information to check the data being presented is from an appropriate source. Only if it passes strict validity checks will it be accepted. If there are any discrepancies the data is quarantined and our security team is notified.
Finally, Nexo also tracks all activity between apps and controllers, providing complete visibility into which accounts have conducted changes on controllers in the field.
All of these security layers provide an end-to-end secure architecture, giving you peace of mind that your data is safe with Nexo. Email firstname.lastname@example.org to find out more.
Simple, cooler thinking