Security
Efficient and secure operation with GSMCloud's solutions
Proaktiv sikkerhed

PROACTIVE SECURITY

24/7 monitoring of server and network

Driftstatus

OPERATIONAL STATUS

Receive operational notifications via email

OEE live måling

OEE LIVE MEASUREMENTS

Status page with current uptimes

Security beskrivelse

SECURITY DESCRIPTION

Document on general security

PROACTIVE SECURITY

  • Uptimes and critical downtimes are measured 24/7, allowing technical support to react promptly and restore normal operations.

  • The uptime target is 99.9% measured over a 3-month period.

 

  • The system is equipped with an alarm function that automatically alerts our support department in case of critical incidents. 

 

  • The downtime target is a maximum of 20 minutes, including scheduled maintenance. 

  • You can subscribe to operational status emails, providing information about scheduled maintenance or acute operational disruptions.

 

  • The devices can be monitored for communication loss or power failure, and the system automatically sends notifications.

 

  • There are test units with the operations responsible, which automatically alert technical support in case of outages lasting more than 10 minutes.

OPERATIONAL STATUS

  • For planned maintenance, such as server updates, you can subscribe to an email service that provides information about the operation.

  • The email service will also send messages in the event of sudden downtimes or other critical impacts on security.

  • You can subscribe to this email service through your profile on gsmcloud.dk.

 

  • The service can be unsubscribed at any time if you no longer wish to receive this information.

OEE LIVE MEASUREMENTS

  • On the page status.gsmcloud.dk, you can see the currently measured uptime. It is also referred to as OEE 'Overall Equipment Effectiveness'.

 

  • Under de 3 OEE-målinger, kan man se de aktuelle og historiske planlagte vedligehold og akutte nedetider driftsforstyrrelser. 

 

Eksempel på statusside:

 

  • HTTPS Enforcement:

To ensure secure communication, all data transmitted between end-user devices and our platform is enforced with HTTPS (Hypertext Transfer Protocol Secure). This means that any data exchanged is encrypted, preventing unauthorized access or eavesdropping on sensitive information.

  • Logging and Retention:

We maintain comprehensive logs of all user requests and interactions with our platform. These logs are retained for a period of 14 days. This retention period helps us track and analyze user activity, troubleshoot issues, and investigate any security incidents or anomalies.

  • Abnormal Traffic Investigation:

Our security team closely monitors the traffic on our platform. In the event of any abnormal or suspicious traffic patterns, our automated systems trigger alerts, and our experts investigate immediately. This proactive approach allows us to swiftly respond to potential security threats and take appropriate action.

  • Private Network Access:

All databases and storage systems used by our platform operate within a private network. They are isolated and only accessible from the specific servers that need to access them. This isolation helps prevent unauthorized access and reduces the attack surface.

  • Daily Backups with Offsite Storage:

We prioritize data integrity and resilience. To ensure this, we create daily backups of your data. These backups are not only stored securely but are also encrypted. Furthermore, we employ a multi-datacenter strategy, storing redundant copies of your data in separate geographically distributed datacenters. This approach guarantees data availability even in the face of unexpected events.

  • SSL Encryption for Data Transmission:

Any communication with our data storage servers, including backups, is protected with SSL (Secure Sockets Layer) encryption. This encryption ensures that data transferred between servers remains confidential and cannot be intercepted by malicious actors during transit.

  • Protection Against Brute-Force and DDoS Attacks:

We implement advanced security measures to protect against brute-force attacks, which involve repeated login attempts to gain unauthorized access. Additionally, our platform is designed to withstand Distributed Denial of Service (DDoS) attacks, which aim to overwhelm our resources. We use a combination of traffic analysis, rate limiting, and access controls to mitigate these threats and ensure the availability of our services.


Security Measures with the Telecommunications Provider:

 

  • Network Security:

Our telecommunications provider implements comprehensive network security measures to protect data and services. This includes firewall configurations, intrusion detection and prevention systems (IDS/IPS), and regular network scans to detect and respond to potential threats.

  • Data Encryption:

The telecommunications provider employs robust encryption to protect data during transmission and storage. Data sent between their services and user devices is safeguarded using encryption protocols such as TLS (Transport Layer Security).

  • Access Controls:

To prevent unauthorized access to their systems and infrastructure, the telecommunications provider enforces strict access controls. This includes user and administrator authentication, user rights management, and continuous monitoring of access activity.

  • Redundancy and High Availability:

The telecommunications provider maintains redundant systems and data center facilities to ensure high availability of their services. This enables them to maintain services even in the event of hardware failures or unforeseen incidents.

  • Incident Response:

The telecommunications provider has a well-defined incident handling process that activates in case of a security incident. This includes rapid incident identification, mitigation, and reporting, followed by analysis and improvements to security measures.

  • Regulatory Compliance:

The telecommunications provider complies with relevant security and data protection standards and regulations to ensure that user data is processed and protected in accordance with legal requirements.

  • Penetration Testing:

As part of their security practices, the telecommunications provider regularly conducts penetration testing, simulating attacks to identify vulnerabilities and address them before they can be exploited by malicious actors.

Security Measures with the GSMCLOUD hardware:

 

  • Hardware Stability:

Our hardware automatically restarts if it loses connection to the network or if data is not received within the correct time frame. This ensures our customers that their alarms have the highest possible uptime.

 

  • Automatic Provider Search:

If the hardware doesn’t have a connection to the preferred providers, it checks for new providers. If a stable connection is established with the new provider, the system will automatically favor this provider for faster future connections.

 

  • Secured VPN Connection:

Data from our hardware is protected by a VPN tunnel provided through OpenVPN.
This ensures that your data is not intercepted, copied, or rerouted.

 

  • Checksum on Protocols:

Data from our hardware uses a special checksum to ensure that the data arrives correctly.
This allows the system to detect errors in incoming data.

 

  • Power failure Notification

Our hardware sends a notification to the server in case of a power failure, ensuring that the server is always aware if the hardware loses power.

 

  • Input Monitoring:

Our hardware sends multiple short pulses to the inputs per second to ensure that the input status is always accurate.

Get a quote or consultation from our specialist

Considering a product from GSMCLOUD? Get a non-binding quote.