- Data Security -
SyncSign takes your privacy very seriously and adopts appropriate security measures to protect against unauthorized access, disclosure, alteration, or destruction of data.
SyncSign Cloud runs on AWS, with high-level data center hosting. For more compliance information, please visit AWS Security and AWS Compliance.
Principle of least privilege
We only collect the minimum information necessary to provide our service. Our professionally trained team can only access data that is required to perform their job.
All application servers are located in the United States, but can be accessed internationally via the Internet. The communication between the SyncSign devices (Hub, Node), the SyncSign Applications and the online calendar is managed through Google/Microsoft’s official standard calendar API and authentication, authorized access rights and storing certain credentials in encrypted form for certain calendars. At the same time, no calendar or event information is stored on SycnSign servers. The servers only store emails of room resources, and all other information is obtained through API calls, parsed, and sent directly to the devices. This information is temporarily stored in our cache, just to ensure that the events will still be displayed even if the calendar service is down.
All transmissions between Nodes (Display and Sensors) and Hub are encrypted with AES-128.
The connection between Hub and cloud server are WPA2/WPA3/TLSv1.2 protected.
Decommissioning and data removal
All user data is stored on the AWS, which follows the strict deactivation policy outlined on page 8 of its security white paper: “AWS uses the techniques detailed in DoD 5220.22-M (“National Industrial Security Program Operating Manual “) or NIST 800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the decommissioning process.”
Uptime and reliability
We constantly monitor our service performance and have automatic notifications to ensure rapid response for service interruptions. All code is audited and approved by engineers before deploying to production servers. We also monitor updates from the security community and immediately update our systems when vulnerabilities are discovered.
The entire SyncSign solution can be set up via free SyncSign Applications (App/Web Portal).
Devices (IoT Hub, Node) are configured by the SyncSign Cloud service, which only runs on servers located in AWS.
All data stored in the SyncSign Cloud is completely anonymous. It does not permit any conclusion about the user’s identity and the individual usage behavior. In addition, all communications between Hub, Node, Cloud and Applications are encrypted.
Regardless of whether you are using the SyncSign Applications or not, SyncSign Applications will never reveal your personal privacy data, and the anonymity of users data is protected 100%