Security Policy

Why this Policy?
We want you to know that we take security very seriously and our goal is to be as clear and open as we can about the way we handle security. We believe good security is based on three pillars: Confidentiality, Integrity and Availability. Confidentiality refers to limiting information access and disclosure to authorized users and preventing access by or disclosure to unauthorized users. Integrity refers to the trustworthiness of information resources, while availability refers to the availability of information resources.

What about Confidentiality?
Confidentiality is all about identification, authentication and authorization. At innius we use different types of identification, depending on which type best fits the need. This also applies to authentication. The mechanism supports the key business capability of a collaborative, multitenant maintenance solution for industrial assets, used within a collaboration network of machine manufacturers, machine customers, technical service providers and other stakeholders involved in the operation and maintenance of industrial assets over their entire lifecycle. Access to data must pass authorization checks, and the user authentication subsystem uses internet standards for authentication, such as OAuth. We also chose a flexible architecture that allows stronger authentication mechanisms to be applied in the future if that becomes necessary.

By default, access to the data is not allowed. Only if you assign an authorization policy for the customer (or another role, such as an employee) that allows them to view that data will they be able to see it. The authorization part of Innius provides insight into the different authorization groups and their authorization policies, as well as their members (persons). One machine can be part of multiple groups, and in that case you yourself must define who has access to a particular machine. All authorization requests are implicitly limited to the resources owned by the customer.

What about Integrity?
It’s important that you can trust our solution and your data. This requires a high level of data protection, as well as insight into and traceability of the processes that are performed. The environment that hosts innius maintains multiple certifications for its datacentres, including ISO 27001 compliance, PCI Certification, and SOC reports. Interactions with the Innius cloud or the AWS services which involve confidential information are performed over the internet by means of SSL/TLS connections. For some data types an additional checksum is performed to ensure request integrity. The apps use HTTPS connections as well. Only a very limited amount of data is stored on the phone, such as your favourites list and missed conversations. If you lose your phone, you have the option to block a user. This prevents any device from accessing Innius with that user’s credentials.

What about availability?
The Innius solution has been designed with reliability and scalability in mind. The microservices we use are capable of dynamically configuring themselves to changing circumstances, because they use a fault-tolerant distributed registry and key-value store for service registration and configuration information. In innius, the complete configuration of a runtime environment and of all services involved is stored as code in the versioned source repositories. In that way it is possible to recreate more than 95% of a full environment automatically. Many of the AWS services that are used by the Innius solution are highly scalable and fault-tolerant. For instance, the DynamoDB database service offers configurable scalability for read and write operations, in addition to three-way redundant storage of data in an AWS region. Offloading a complete data set for backup and recovery is facilitated.

Where is my data stored?
We believe the best place to store data is within the jurisdiction of the EU’s Data Protection Directive. Therefore, we store your data in Ireland. The EU’s Directive provides strong protection for personal data.

What if I have additional questions?
Feel free to reach us via our website. We are happy to answer your questions.