Introduction
Rayven places security at the forefront of its platform, ensuring that data is protected at every point within the software environment. Our proprietary security architecture, combined with Microsoft Azure's robust security features, provides a comprehensive framework for safeguarding data and maintaining the integrity of our services.
How Rayven Protects Data
1. Private Cloud Hosting
Rayven solutions are hosted in a secure, private cloud environment. This approach ensures that all data processing and storage occur within a tightly controlled infrastructure, isolated from other environments, which minimizes exposure to potential security threats.
2. Data Encryption in Transit
- Device-to-Cloud Encryption: Rayven utilizes SHA-256 with RSA encryption to secure data transmission from devices to the cloud, ensuring that sensitive information remains confidential during transmission.
- Device Authentication: Devices are authenticated using device keys, providing an additional layer of protection.
- 256-bit SSL Encryption: All communications between end-user devices (e.g., PCs, tablets, mobile phones) and the cloud are secured with 256-bit SSL encryption, ensuring that data remains safe while in transit.
3. User Access Revalidation
Rayven dynamically validates user access through APIs, ensuring secure, real-time control over user roles and permissions:
- API-based Revalidation: User permissions and roles are continually validated against user data via API calls.
- Real-time Updates: Access validation is dynamically updated, utilizing API calls to ensure current permissions are enforced.
4. Compulsory Password Requirements
To protect user accounts, Rayven enforces strict password requirements:
- Minimum of 8 characters.
- At least one uppercase and one lowercase character.
- At least one number and one special character.
5. User Data Encryption at Rest
Rayven encrypts all user data at rest to prevent unauthorized access:
- Triple DES Encryption: Utilized for secure data storage, providing robust protection for sensitive information.
- One-way SHA-256 Hash for Password Encryption: Ensures that user credentials are securely hashed, making them irretrievable and preventing unauthorized access.
6. Multiple Methods of API Authentication
Rayven offers flexible API authentication methods, enhancing security:
- Username/Password Authentication: Basic authentication for users.
- Multifactor Authentication (MFA): Provides an additional layer of security by requiring multiple forms of verification.
- Token-based Authentication: Protects against unauthorized access by using tokens for session management.
7. Single Sign-On (SSO)
Rayven supports Single Sign-On (SSO) configurations, enabling seamless and secure user authentication across multiple systems, reducing the need for multiple credentials.
8. Security Event Monitoring and Incident Handling
- Dedicated Event Monitoring: Rayven monitors both user and device activity in real time to detect and respond to anomalies.
- Incident Handling: Rayven’s Flow Builder allows for the creation of custom workflows for incident handling, ensuring rapid response to and resolution of security incidents.
9. Data Confidentiality, Integrity, and Availability
Rayven employs industry-leading encryption protocols to protect data at every stage:
- In Transit: SHA-256 with RSA encryption secures data as it travels from devices to the cloud.
- At Rest: Optional 256-bit AES encryption ensures data remains secure when stored.
- During Use: SHA-256 with RSA encryption protects data when accessed from the cloud to end-user devices.
10. Device Security Health Checks
Rayven continuously monitors and assesses the security of devices:
- Automated Security Checks: Devices undergo security health checks through automated polling and pull requests.
- Rayven Defender: Monitors data flow to detect anomalies, including signs of device tampering or errors.
Security Features Supported by Rayven
Rayven’s platform integrates various industry-standard security protocols to protect IoT environments:
- TLS Handshake Protocol: Ensures secure communication between clients and servers by authenticating both parties and selecting encryption algorithms before data transmission.
- TLS Record Protocol: Provides encryption and data encapsulation over TCP to maintain secure connections.
- SSL Encryption: Secures data transmissions between user-operated devices and the Rayven platform.
- Certificate-based Device Authentication: Uses private and public key pairs for device authentication at the physical layer, ensuring that private keys remain secure.
- Bearer Tokens: Enable devices and services to authenticate without sending keys over the network, reducing the risk of exposure.
- Database Encryption: Encrypts structured database contents at rest, ensuring that data remains protected (available for private cloud customers).
- SFTP: Provides secure file transfers between local and remote systems.
- VPN: Offers whole-server security, enabling devices and users to securely connect to the Rayven platform (available for private cloud customers).
Microsoft Azure Security Integration
In addition to Rayven’s proprietary security features, the platform leverages Microsoft Azure’s robust security offerings:
- Azure Security Center: Identifies security risks and provides recommendations, including tools for threat management, alerts, and access controls.
- Azure Policy: Enforces security-focused policies, restricting certain configurations like public IPs for virtual machines and managing permissions within subscriptions.
- Role-Based Access Control (RBAC): Defines and enforces specialized roles for Azure resources, utilizing pre-defined or custom roles for enhanced control.
- Resource Locks: Add an extra layer of protection by preventing unauthorized changes to Azure resources.
- Custom Dashboards: Allow users to create and monitor security alerts for Azure services, health issues, and network changes.
Conclusion
Rayven’s platform offers comprehensive, end-to-end security for your IoT environment, utilizing a combination of proprietary security measures and Microsoft Azure’s security framework. Whether protecting data in transit, at rest, or during use, Rayven ensures that your solutions remain secure, scalable, and resilient to threats.
For more information on Rayven’s security architecture or to configure security settings, please contact your Rayven Account Manager.