Sensat understands that the security and integrity of the data which its customers provide it with is paramount and a fundamental reason why they decide to use the Sensat suite of products and services.
Accordingly, Sensat aims to abide by the highest information security and privacy standards in order to provide peace of mind to all of its client base. In doing so, it strives to meet the required security standards to protect its customer base from security vulnerabilities, and puts in place security measures, policies and procedures to comply with applicable data security standards.
To this end, Sensat is both Cyber Essentials and ISO 27001:2013 certified, with more certifications to follow as the Sensat group grows.
Applicable certificates are available upon request. In addition, in certain circumstances, a summary of the latest penetration test can be made available, but only under Sensat NDA.
For these purposes, and unless otherwise defined herein, defined terms shall have the meaning given to them in the Sensat Platform Terms and Conditions.
How does Sensat handle and process Customer Materials?
- Access: Customers and their respective Users have access to the Customer Materials via the Sensat Platform. Customers can control who can view, edit, upload and download any information or data based on their applicable credentials and permissions. In addition, suitably-trained Sensat personnel handle and process Customer Materials for the purpose of providing the relevant services and ensuring Customers receive an outstanding customer and user experience. Authentication to the Platform is handled by a reputable IDaaS service (Auth0, an Okta company), protected by strong password policies (such as minimum password complexity, disallowed password dictionaries, disallowed personal data, password history, etc.), and protected from bot attacks and anomalies based on suspicious IPs, breached credentials and user context. Single Sign-On (SSO) is supported for Customers who want to implement their own access policies.
- Transfer: Data and Customer Materials are transferred over secure HTTPS connections, with industry-standard high-grade TLS 1.2+ encryption and strong ciphers (1), targeting A+ reports at all times. We limit the duration of Platform sessions and will automatically log Customers and Users out of the Sensat Platform after a certain time (namely 3 days of inactivity and 7 days regardless of activity).
- Back-up: Sensat handles and processes two types of Customer Materials or data: (1) uploaded files and derived data stored in Amazon S3 (e.g. maps, point clouds, models, etc.) and (2) metadata relating to customers, users and uploads, or created by users (e.g. comments, tags, markups, etc.), which is stored in a MongoDB database. Remedial mechanisms are in place in both instances in the event of accidental deletion of any such data. In addition, MongoDB is configured with continuous backups, permitting a swift restore (meeting a recovery point objective of 1 minute) to any point in time within the relevant backup window (7 days), and with snapshot backups (hourly and weekly with 1 month retention, monthly with 24 months retention). MongoDB backups are also copied to secure Amazon S3 locations in different regions. The Sensat Platform software itself, along with its configuration, is also under version control, permitting point-in-time recovery, and additionally backed up daily to Amazon S3.
- Storage: Sensat hosts Customer Materials and data primarily in Amazon Web Services (“AWS”) data centers that have been certified as ISO 27001, PCI DSS Service Provider Level 1, and/or SOC 2 compliant. AWS infrastructure services include a number of features which help protect their servers and, therefore, Customer Materials (see AWS’ SLA, and S3 durability and availability guarantees). Sensat uses AWS data centers in the eu-west-2 region (London) for both main and backup purposes (unless a different region is specifically requested by a Customer).
- Network security: The Sensat network is protected via key AWS security services and network intelligence technologies (such as an intrusion detection system, a web application firewall, active vulnerability scanners, VPCs, etc.). In addition, we run extensive internal scanning as well as regular penetration tests across the Sensat Platform using a selection of advanced automated attack tools with authenticated and unauthenticated sessions, both with active and passive scanners.
- Encryption: All communications with Sensat UI and APIs are encrypted via industry-standard HTTPS/TLS (TLS 1.2 or higher (1)) over public networks, which ensures that all traffic between Customers/Users and Sensat is secure during transit. No Customer Materials or data is stored on local disks; any Customer Materials uploaded to the Sensat Platform are stored on AWS in the United Kingdom (unless a different region is specifically requested by a Customer). All project and user metadata is stored in databases with encrypted disks (AES256 SSE-S3). Only a select few Sensat personnel have access to the database for maintenance purposes.
- Software security: The Sensat Platform development life cycle includes automated checks against all known vulnerabilities of all used software dependencies, which produce automated patches and version updates. This is also reinforced via manual code reviews and automated scans of all software images and servers.
- Segregation of customer data: The Sensat Platform stores all the assets relating to a project in a separate location. Every request to any asset for a project is signed against the authenticated user session, and protected by AWS CloudFront signed URLs and signed cookies. The request signature is only valid for a few seconds, so it cannot be replayed.
- Disaster Recovery: In the event the Sensat Platform becomes unresponsive (due to deployment or code change issues, for example), there is a rollback mechanism to restore the previous working setup. Sensat teams also run an internal post-mortem analysis to correct errors and prevent any such future occurrences. In the event of database data loss or unresponsiveness, the last backup is restored with minimal downtime.
- High Availability: We offer a 99.5% availability SLA. All servers are redundant and set up to auto-scale based on demand. The webpage is served via regionalised CDNs. The project files are served directly from high-availability AWS S3 endpoints.
All data management and information security policies and processes are implemented and handled in full compliance with ISO 27001.
(1) As of writing, the supported ciphers are:
TLS v1.3 ciphers:
- TLS_AES_128_GCM_SHA256 128 bits (ECDHE 256 bits)
- TLS_AES_256_GCM_SHA384 256 bits (ECDHE 256 bits)
- TLS_CHACHA20_POLY1305_SHA256 256 bits (ECDHE 256 bits)
TLS v1.2 ciphers:
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits (ECDHE 256 bits)
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits (ECDHE 256 bits)
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 256 bits (ECDHE 256 bits)
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits (ECDHE 256 bits)
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits (ECDHE 256 bits)