Revel Digital employs a number of strategies designed to ensure the integrity of not only your content, but also the local network in which player hardware is deployed. Our architecture consists of a SaaS modeled CMS component for web based management and publishing of content, a local player component for playback of the content, and a public facing REST API component for custom integrations. The following diagram illustrates this architecture:
All components utilize standard web based protocols over HTTPS (TLS 1.2 where available). Communications are always outbound from the players which helps to minimize any firewall exceptions.
Application Layer Security
Secure Account Access
Users access their data through the CMS (as1.reveldigital.com), all interactions are held within secure sessions encrypted using TLS. Our Application Programming Interface (API) is also accessible through HTTPS and offers secure sessions. Each user account is authenticated via OAuth secure tokens using either login credentials, or 3rd party OAuth providers including Google, Twitter, and Facebook. Token expiration is 16 minutes. SSL certificates for all public facing endpoints are graded A by Qualys and are encrypted using the latest SHA-256 certificate
- Must be at least 8 characters
- Must contain at least one digit
- Must contain at least on non-alpha character
Passwords are always strongly encrypted and not known to anyone but the user who created it. Passwords are always stored encrypted and never transferred in unencrypted form.
Role-based access control
Each user can be assigned a specific role that allows you to control which features each user is allowed to access. These roles and their privileges are described under User Roles and Privileges. Additionally, we offer granular control over which sources of data each user is allowed to view. This can be used to restrict access to sensitive information only to specific employees or partners. Role level security is enforced on both the client (browser) and server side.
Public endpoints regularly undergo vulnerability scanning to comply with OWASP secure coding practice.
The Revel Digital player app is compatible with a wide range of hardware including Android, Windows, Linux, and BrightSign. As such we do our best to ensure our app is not compromised in any way, but cannot guarantee that the configuration of your hardware meets your security standards unless we properly vet and configure the hardware for you.
In most cases our app runs within a sandboxed environment protecting the underlying OS from any malicious action.
Content downloaded by the player from our CMS is cryptographically signed to prevent tampering. Players will verify the content before playback.
Communications between the players and Revel Digital servers are always encrypted via HTTPS and will utilize TLS 1.2 when available.
Communications are always initiated by the player, outbound to the servers. This helps eliminate any firewall exceptions and complicated router configuration.
No identifying information including usernames or passwords are ever transmitted between players and servers.
Backup / Restoration
Revel Digital utilizes a number of databases from various vendors. The type of database used determines how the data will be backed up. All SQL databases are on a daily backup schedule with a 6 month expiration. Other databases such as those hosted on AWS will retain backups via automated snapshots stored on S3.
Media assets are duplicated on upload to AWS S3 both for long-term storage and for edge based distribution via CloudFront.
SQL backups are restored periodically on a test server for verification.
Revel Digital utilizes Pingdom for server monitoring and down alerts. All critical services are monitored 24/7 with immediate alerting. Issues are generally resolved within 15 minutes of notification. All web server accesses are logged and monitored for abusive or otherwise irregular activity.
Servers are configured with firewall software to only allow connections from necessary ports and/or IP ranges. Players typically only need ports 80 and 443 under normal usage conditions. Other ports necessary for internal usage are restricted to internal IP ranges only. AWS instances are likewise configured with security groups to only allow access from necessary ports and IP ranges.
We utilize a combination of Qualys Vulnerability Management and OWASP ZAP (Zed Attack Proxy). ZAP is regularly used by our internal team to test public facing services for vulnerabilities. Qualys is an accredited service we utilize to provide continuous monitoring and reports.
Revel Digital utilizes a hybrid hosting approach with hosting split between AWS and a local data center. Local servers are hosted in a secure facility associated with the regional 911 dispatch center. Security measures include:
- 24/7 video surveillance both inside and outside the premises
- Entrance restricted by key card at building entrance, data center entrance, and key pad at server rack location
- Generator electrical backup for entire data center along with individual rack based battery backup
General Data Protection Regulation (GDPR)
GDPR requires that personal data breaches be reported to the data subject or the supervisory authority within 72 hours. As such we will alert users with an email in the event of any breach involving data considered personal including, but not limited to first/last name, email address, telephone number, address.