At Viam, protecting access to machines and their data is our highest priority. As experts in automation, we take the security and safety concerns that customers and users rightly may have about cloud-based software and smart machines very seriously.
As a result, security is not just a solution feature to us, but rather an intrinsic design choice that the Viam platform is built around, and we made sure to comply with stringent security protocols even before launching our public beta. Viam simplifies the complexity of working with smart machines while offering users the confidence that security is always paramount.
We are dedicated to safeguarding data from hackers and cybercriminals, and meticulously evaluate all engineering decisions and implementations following the principle of least privilege. This security concept states that users should only have access to the data and resources they need to complete a required task, and nothing extra besides that. In this way, the potential attack surface accessible to a potential hacker is reduced.
Strong security considerations are essential for effective smart automation. To achieve this, we provide security best practices spanning both software and hardware, ensuring that both are maximally armored to keep machine data accessible only to those that are authorized to view it.
Viam's robust security architecture
At Viam, we maintain the highest levels of data privacy and security for our customers, their machines, and the data stored in the cloud. Here’s how we do it:
User authentication and role-based access controls
One of the building blocks to proper data security is that users are confirmed to be who they claim they are. The Viam platform leverages a third-party authentication platform to validate and properly verify user identities.
Each smart machine uses a unique smart machine secret, or privileged credential, to securely connect with app.viam.com, customer applications, and other Viam-enabled machines within a local network or over the internet. This authentication is always on, right out of the box when Viam is installed, and doesn’t rely on default settings for passwords and admin access that are typically exploited in common cyberattacks.
Organizational administrators can also authorize which locations and smart machines different authenticated users can access through Viam. This allows administrators full control over who accesses Viam, making it easy to add or remove users. Depending on their role—whether as an owner or an operator—users can access various fleet management capabilities at different organization levels, locations, or machines.
A secure network stack for physical machines
With Viam, you don’t just have full governance of your smart machines and control user access to Viam. Every smart machine also has end-to-end encrypted communications with Viam’s platform, other smart machines, and the client applications they interact with, for data in motion and at rest.
Viam uses WebRTC to create secure and efficient peer-to-peer paths between machines and clients, facilitating fast, low-latency communication across the internet.
Transport Layer Security (TLS) certificates are provided by app.viam.com to ensure that all communication between machines, the Viam platform, and client applications is authenticated and encrypted end to end.
It doesn’t matter whether you are using a custom web application, mobile application, programmatic logic, software development kit, or any other method for running code to your machines; it is all secured the same way.
Strict compliance to data security protocols
Viam's commitment to safeguarding data and machine access is why we designed the Viam security architecture from the ground up, prioritizing security at every step. Our scrupulous security approach ensures protocol compliance and robust protection for your data.
Compliance and certifications
Viam is SOC2 Type I and HIPAA compliant, verified by independent auditors from the moment the inaugural version of Viam launched.
System and Organization Controls (SOC) reports are the result of independent third-party audits examining how Viam achieves key compliance controls and objectives related to cybersecurity. This type of report assesses all of an organization’s cybersecurity controls at a single point in time, which includes how those systems are designed, what tools are being used, and what strategies have been implemented to keep data safe.
Organizations in healthcare and related fields are subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Viam has also been evaluated by credentialed third parties for compliance with HIPAA, and fellow covered organizations that handle protected health information of any kind can use the Viam platform as a secure environment to process, maintain and store this data knowing that it is fully covered by HIPAA norms and regulations.
This wide-ranging compliance with data protection protocols means that Viam adheres to stringent standards for security and privacy, and has confirmed through objective third parties that all communications between machines, the Viam platform, and client applications are properly authenticated and end-to-end encrypted.
Our commitment to continuous machine data security improvement
Viam is dedicated to constantly enhancing our security and privacy features as our platform evolves, as well as sharing these advancements with our users. We believe that securing machines is a collective responsibility, which is why we engage with machine developers and businesses looking to increase smart automation at their worksites to evangelize best practices for data security on smart machines whenever we can.
We are committed to providing reliably secure smart automation tools and services, driving awareness around best security practices for smart machines. Designing for security is a key part of our engineering process, not an afterthought. If you are considering improving machine security at your manufacturing facility or other worksite, we can help. Get in touch to see how Viam can support your machine data security needs.
