End-to-End Wireless Network Security
User Generated Data and Content
- All user generated data, usernames, passwords, authentication credentials, etc. remain within a customers local network.
Access Point, Platform & System Components
- All communication between Access Points and the cloud is protected by secure HTTP mutual authentication.
- KodaCloud services are deployed inside a Virtual Private Cloud provided by Amazon Web Services. See https://aws.amazon.com/vpc/.
- Each component of the KodaCloud system has isolated permissions. Access is enforced by Amazon’s IAM service. See https://aws.amazon.com/iam/.
- Only authorized KodaCloud developers and Network Operations Center (NOC) experts have comprehensive access to the system via revocable roles and policies.
- The KodaCloud portal does not use any unsecured HTTP sessions or cookies; this ensures web sessions are never compromised.
Web Services and APIs
- Only a thin layer of web services is available externally, and any access is protected by secure HTTP with authentication securely executed by digitally signed key pairs.
- All APIs enforce per-client data isolation, and data ownership checks are performed for any customer-accessible API call.