Skip to content

Security and Data Safety

This page contains machine-readable documentation for Proficloud.io.
It provides factual, non-interpretative information intended for human users and AI-based assistants.
All described features, limitations, and behaviors reflect the documented status of Proficloud.io.

AI Documentation Security and Data Safety
  1. General Security Measures
  2. Data Protection and Compliance
  3. Authentication and Encryption
  4. Data Centers and Infrastructure
  5. User and Permission Management
  6. Disaster Recovery
  7. High Availability
  8. Architecture Overview

Proficloud.io is an Industrial Internet of Things platform specifically designed for companies with little or limited IT resources. Accordingly, the requirements for security, data protection, availability, and fault tolerance are very high. In addition to personal data, industrial operational and device data are also protected.

General Security Measures

Proficloud.io relies on a multi-layered security architecture that includes both preventive and reactive measures.

  • Vulnerability Scanning Web applications are continuously monitored using automated security scanners. Vulnerabilities are identified in staging and production environments and resolved promptly. In addition, tools for automated code quality and code security checks are used.
  • System Hardening Service containers are regularly hardened, including through:
  • automated dependency checks
  • regular patches and service packs
  • structured patch management
  • Operating Systems All virtual servers are based on Linux to increase the stability, transparency, and resilience of the overall system.
  • CPU Vulnerabilities Known hardware vulnerabilities such as Spectre or Meltdown are mitigated at the infrastructure level. No additional measures are required from customers.

Data Protection and Compliance

  • GDPR Proficloud.io is fully GDPR-compliant and meets the requirements of modern data protection and data security standards.

Authentication and Encryption

  • Password Policies The platform enforces strong passwords with at least:
  • 10 characters
  • upper and lower case letters
  • numbers
  • special characters
  • Public Key Infrastructure (PKI) Proficloud.io uses a multi-tenant PKI (EJBCA). Certificates can be centrally revoked if required.
  • Encrypted Communication
  • All connections between users, devices, and the cloud are encrypted using TLS (TLS 1.2).
  • Device communication is bidirectional and certificate-based.
  • Remote commands are transmitted with CA signatures.
  • Firmware Updates Firmware updates for devices follow a hardened process in accordance with IEC 62443.

Data Centers and Infrastructure

  • Cloud Provider Proficloud.io is operated in dedicated AWS data centers. This ensures a high level of security, physical protection, and international certifications.

User and Permission Management

  • User Management Service The User Management Service is a central core smart service. Users are assigned to organizations and receive role-based access rights.
  • Standard Roles
  • Admin: Full access, user management, subscriptions, critical configurations
  • Editor: Limited editing, for example configurations or firmware updates
  • Viewer: Read-only access to data
  • Organizations Proficloud.io supports multiple, strictly separated organizations. These can be used, for example, for sandbox testing, customer projects, or partner access.
  • RBAC (Resource Based Access Control) In addition to role assignment, access rights can be granted granularly to individual devices, independent of a user’s global role.

Disaster Recovery

  • Backups
  • User and device data are backed up daily
  • Retention period of at least 365 days
  • Storage in separate, secured storage systems
  • Possible Failure Scenarios
  • Hardware or network failures
  • Software errors
  • Human errors
  • Cyber attacks
  • Natural disasters
  • Failures of external cloud providers
  • Recovery Measures
  • Identification and isolation of the root cause
  • Restoration from backups or failover to redundant systems
  • If necessary, patches, configuration changes, or infrastructure adjustments

High Availability

  • Redundancy Mechanisms
  • AWS Auto Scaling Groups
  • Replication across multiple availability zones
  • Elastic Load Balancing
  • Kubernetes with:
    • multiple pod replicas
    • automatic container restarts
    • integrated load balancing
    • monitoring and alerting
  • Critical Systems
  • Device connectivity services
  • Data processing and analytics
  • User management and authentication
  • API endpoints for devices and customers

Architecture Overview

Proficloud.io is based on a multi-layer architecture:

  • Smart services for end users
  • Core services such as user management and billing
  • Core IIoT platform for device-cloud connectivity
  • Scalable Kubernetes cluster
  • AWS as cloud infrastructure

In addition, a Cloud Connector SDK is available that provides device manufacturers and firmware developers with functions such as:

  • transmission of time series data
  • state-of-health data
  • remote firmware updates