LogoLogo
  • Introduction
  • Organizational security
  • Ubidots Architecture
  • Confidentiality
    • Formatting and Data Accumulation
    • Encryption in Transit
    • Encryption at Rest
    • All of Our Hired Personnel Must Sign an NDA
    • We Only Hire Directly
  • Transparency
    • Periodic Checks
    • Status Page
    • Support Channel
    • Open Source
    • Continuous Hacking to our Own Technology
    • Data Leakage Policy
  • Integrity
    • Isolated Websites
    • Code Management
    • Continuous Scanning for Vulnerabilities
  • Resilience
    • Incident Management and Resolution
    • Data Backup
    • Recovery Objective
  • Non-repudiation
    • Extensive Logs
    • Everything as Code
  • Authentication
    • For Clients
    • Internal
  • Privacy
    • Data Management and Retention Policy
  • Compliance
    • FDA 21 CFR Part 11
      • Validation
      • Audit Trails
      • Electronic Signatures
      • System Access Controls
      • Record Retention
      • Record Protection
Powered by GitBook
On this page
  • Commitment to Security
  • Goals of This Document
  • Audience
  • Content

Was this helpful?

Export as PDF

Introduction

Welcome to the Ubidots Security and Compliance Guide. In this document, we aim to provide a transparent and detailed overview of our security infrastructure, policies, and practices. Our goal is to help IT departments within our customer base, as well as their end-users, have a clear understanding of how Ubidots is committed to safeguarding data and aligning with industry-standard security protocols.

Commitment to Security

At Ubidots, security is ingrained in every aspect of our operations. We recognize the importance of protecting the data you trust to our services, and we are dedicated to implementing robust security measures to ensure its confidentiality, integrity, and availability.

Goals of This Document

  • Transparency: To communicate our security practices and provide clarity about how we manage and protect your data.

  • Alignment: To illustrate how our security measures align with global security standards, helping you meet compliance requirements.

  • Confidence: To show why these standards are important and how they are being addressed, proving our commitment to being a reliable partner who takes security seriously.

Audience

This guide is intended primarily for IT professionals managing Ubidots implementations in their organizations, security analysts assessing risk and compliance, and decision-makers looking to understand the security landscape before committing or scaling with Ubidots.

By the end of this document, you should have a comprehensive understanding of our security framework, practices, and how we strive to meet some of the most demanding security standards required by various industries.

We invite you to explore this guide to better understand how Ubidots is the secure backbone for your IoT solutions.

Content

  1. Organizational Security: How we manage security internally, including roles and responsibilities.

  2. Ubidots Architecture: Description of our platform modules and how they are deployed.

  3. Confidentiality: How data is protected from unauthorized access.

  4. Integrity: How we ensure data is accurate, complete, and protected from unauthorized modification.

  5. Availability: How we work towards maximizing the availability of our services and data.

  6. Resilience: Our processes to recover from incidents and disruptions.

  7. Non-repudiation: Methods used to ensure that actions or transactions can be verified and not denied later.

  8. Transparency: How we communicate these security practices and incident reports to stakeholders.

  9. Compliance and Certifications: How these practices align with known certifications and its principles, such as security, availability, processing integrity, confidentiality, and privacy.

  10. Risk Management: How risks are assessed, prioritized, and mitigated continuously.

  11. Incident Response: How we manage security incidents, from detection to resolution.

  12. Data Protection and Privacy: How we handle personal data, organizational data, and IoT data.

NextOrganizational security

Last updated 10 months ago

Was this helpful?