Celebrating Cybersecurity Awareness

Posted by Jon Kelly on 2018-10-23

alt text

Did you know October is The National Institute of Standards and Technology’s (NIST) Cybersecurity Awareness Month? In fact, this week’s theme is “Safeguarding the Nation’s Critical Infrastructure” – like retail fuels facilities!

What are you doing to ensure your automatic tank gauge, a vulnerable network endpoint, is properly secured from increasing online threats to fueling infrastructure?

As an industry leader in data security, Canary Compliance factors security into every decision we make. End to end, from our IoT hardware to our web platform, we are committed to optimizing security and minimizing the risks associated with sensitive data, as outlined in previous blog posts.

Here’s how we approach ATG cybersecurity:

Close the system

Unlike the TCP/IP method of monitoring automatic tank gauges, which leaves multiple ports exposed to third parties for manipulation, the Canary cellular-based system is closed and entirely proprietary. It has no physical or digital “open ports” that expose a client’s network to potential unknown attack vectors.

Limit application access

Canary’s system is the only application running on our hardware, limiting the number of potential security holes from third parties. A site connected via TCP/IP can be connected to many applications, increasing risk exposure.

Encrypt communications

All communications between our device and the cloud are encrypted to ensure confidentiality; APIs are accessible only via HTTPS and uses a 2048-bit TLS certificate

Leverage trusted partners

We exclusively use best-in-class hosting via established and trusted hosting companies like Amazon Web Services, using ISO 27001, 27010, and 27018 physical security and risk management

Manage user access and security

Canary employs strong password requirements, and access control lists to prevent users from controlling applications or devices that are not theirs.

Stay safe and stay #CyberAware – your digital security is too important to ignore online threats!

‹ Back