How Does Singlewire Secure Data from InformaCast?


Keeping Data Safe

For any organization, data security has become a top priority. Protecting sensitive information is critical, and that means selecting technology that can meet today’s expected safety standards. At Singlewire, we’re always working on enhancing the security of our InformaCast emergency notification software to prevent data breaches. In this blog post, we’ll discuss the ways InformaCast keeps user data safe, and best practices to ensure data security.

Minimizing the Attack Surface

When we talk about data security in regards to InformaCast, there are a number of factors that will impact how well data is protected, including who uses the system, how it is bounded and where it will be installed. To protect data, InformaCast is built to keep people out of parts of the application they don’t need to access. This prevents an admin from accidentally damaging the system in a way that will hurt its performance. The goal is to provide InformaCast users with a consistent experience, where InformaCast performs dependably over time.

When talking about system security, the attack surface is the different points of entry an attacker has to the system. One way to look at the attack surface InformaCast presents is from the network. InformaCast presents an attack surface consisting of a number of services over TCP and UDP protocols. The first line of defense is the Linux kernel and OS. InformaCast runs a customized Linux distribution, designed to remove unnecessary services and software.

While customers may think of InformaCast as a single solution they install, like other technologies, it’s made up of many different parts. Making sure that these open source projects are the right versions and are up to date keeps the attack surface small, helping ensure data security. Singlewire has processes in place to keep the open source software that we, and by extension our customers, depend on up to date.

Using Trustworthy Sources

Trust is a foundational piece of security. Our customers trust Singlewire, so Singlewire must be choosy about whom we trust. Singlewire builds its OS packages from source, which means we no longer trust upstream distributions. This removes the middleman between Singlewire and the projects that create open source code, allowing Singlewire to say with a level of certainty that we’re not taking someone else’s word for it when it comes to this part of data security. We know it’s secure because we’re directly connected to the people making it.

With the most recent versions of InformaCast Advanced 12.0.1, InformaCast Fusion and InformaCast Paging Gateway, we are recognizing that InformaCast and Paging Gateway are purpose built appliances, not general purpose computers or Linux environments. As such, we’ve taken steps to prevent customers from installing their own software. This helps us provide a consistent and supportable environment for InformaCast. We want you to be sure that when you choose to send your message, it gets to where it’s going as quickly as possible.

Guarding Against Less Obvious Threats

It can be easy to develop protections against obvious threats, but our system also prevents InformaCast from being attacked in less obvious ways. That’s why we give users the ability to encrypt data when doing a back up by setting a passphrase. This puts more control into the hands of our users. The passcode is only known by the person who sets it and cannot be discovered by Singlewire. When a backup takes place, we use the passphrase to encrypt the backup and send it to the customer’s storage system. When it comes time to restore, Singlewire can validate that the data is accurate and has not been modified.

Continuing the Security Journey

Issues with data security can occur for a number of reason, but one of the most common is not keeping systems up to date. With each new release, Singlewire revisits how it keeps data secure to make sure we are using the most modern protection methods. This is why it’s important to keep everything up to date. Older versions of software and browsers may impact performance and leave users vulnerable to security threats.

Remember that data security is a journey not a destination. Threats are always evolving and each network is different. As we move through 2018, we’ll continue examining our security measures and work to provide the most secure environment possible for our software.

Note: The majority of security details in this blog post cover InformaCast Advanced. For information about data security related to our other service level offerings, please download the security document for InformaCast Mobile and InformaCast Fusion.



InformaCast Online Demo