Ubicquia's Security Framework
GET THE INFOGRAPHIC
Cyber security threats have grown increasingly sophisticated in recent years alongside the rise of industrial AI. In response, Ubicquia has bolstered its protocol and remains dedicated to elevating security standards across the smart city data management industry.
We structure our security strategy around five key pillars:
1. Planned
Our security framework is fundamentally secure by design. This includes routine audits and a robust implementation of Defense in Depth (DiD) strategies that provide multiple layers of protection against various threats. Our formalized security program is structured to preemptively identify and mitigate risks, ensuring resilience and compliance at all operational levels.
2. Segmented
We rigorously apply a zero-trust security model across our network, ensuring strict access controls and separation of environments and sub-environments. All network traffic within Ubicquia is encrypted using TLS 1.2 or higher, with LTE traffic securely managed within a dedicated Access Point Name (APN). This segmentation and encryption strategy minimizes potential attack surfaces and secures data from unauthorized access, protocols that are essential when implementing technologies like police LPR cameras. This segmentation and encryption strategy minimizes potential attack surfaces. It secures data from unauthorized access, protocols that are essential when implementing technologies such as police LPR cameras and distribution transformer monitors.
3. Audited and Certified
Ubicquia’s security practices are regularly reviewed and certified by respected third-party organizations. We are currently compliant with ISO 27001, validating our Information Security Management System (ISMS). Additionally, we are engaged in SOC2 type 2 certification processes to affirm the security of our cloud services. Our products carry the CTIA IoT cybersecurity certification level 1, with plans to advance to level 2 by 2025. We are also CMMC level 1 certified and comply with NIST SP 800-171 rev. 3, ensuring our readiness to meet stringent security requirements.
4. Tested
Our proactive security testing includes routine penetration testing of our cloud infrastructure and IoT devices to identify vulnerabilities. We also participate in the Cybersecurity and Infrastructure Security Agency’s (CISA) cyber hygiene program, receiving weekly reports that help us assess our exposure to vulnerabilities. External PCI scanning is conducted regularly, ensuring that our payment systems are secure and resilient against attacks.
5. Encrypted
Ubicquia takes encryption seriously, implementing end-to-end AES 256 encryption for all data, both in transit and at rest. Additionally, our use of Trust M chips helps secure cryptographic keys on our devices, further enhancing the security of our digital and hardware assets.
Continuous Improvement in Cybersecurity
At Ubicquia, we understand that the landscape of cybersecurity threats is ever-evolving. That’s why approach to security is comprehensive and adaptive. We continually assess, improve, and invest in our security infrastructure to not only meet but exceed industry standards, ensuring that our partners, customers, and their customers can trust in the integrity and security of our solutions.