Menu

Legal + Security

OptiRTC, Inc. Statement on Security

Introduction

We at Opti develop and deploy solutions to continuously monitor and adaptively control distributed stormwater infrastructure. Built on Microsoft Azure, our technology dynamically controls the timing and rate of flows through stormwater storage systems to improve water quality, prevent localized flooding, and reduce combined sewer overflows. Ensuring the Opti Platform remains secure is vital to this mission.

Opti is a Software as a Service (SaaS) provider; the source code is the exclusive protected intellectual property of OptiRTC, Inc. and is not provided to customers. All services are accessed by customers in accordance with our Master Services and License Agreement and Platform Terms of Use.

Our security strategy outlined below covers all aspects of our business, including:

  • Management Controls
  • System Interconnection & Information Sharing
  • Local Failsafe Included
  • Security Review and Upgrades
  • Compliance Standards

Management Controls

Risk Assessment and Management - Every Opti employee signs an Employee Confidentiality and Assignments Agreement that binds them to the terms of our data confidentiality policies. Access rights are based on an employee’s job function and role. Only limited senior technical staff have access to critical systems.

Physical and Environmental Security at Opti offices - Our offices are secured via physically locked doors. At our corporate offices in Boston, all visitors are logged via a camera system inside the entrance. All company services are hosted in off-site public cloud data centers. No services accepting inbound network connections are hosted on premises. We monitor the availability of our office network and employ multiple WAN providers to maximize uptime.

Trust Anchor Lifecycle Management - Choosing the appropriate technologies is the first step in providing secure network services. The Opti Platform includes a credential management service that manages the entire lifecycle of secure keys used by other platform services. This system facilitates automated deployment and rotation of necessary credentials to services, and enables all tiers of Opti services to run with the least necessary privileges to function normally. Access to the credential administration service, and any underlying infrastructure, occurs over connections secured by keys housed on NIST FIPS 140-2 Level 3 encrypted thumb drives in the personal possession of key senior developers.

System Interconnection & Information Sharing

Connections to Services - There are no connections between Opti and internal client information systems. All user access to Opti services is provided over Hypertext Transfer Protocol (HTTP) and Websocket Protocol (WS) within all connections encrypted by Transport Layer Security (TLS) via web browser or via application programming interfaces (APIs), if applicable.

Scalability/Reliability of Architecture - All Opti services are deployed with redundant instances across multiple fault zones within Microsoft Azure data centers for high availability. All data records are replicated into 6 copies across two Azure data centers for availability and durability. Internal messages between Opti Services pass through redundant Service Bus message channels for resilience against message infrastructure outage. Opti usesthird-party Application Performance Monitoring solution to monitor and consolidate performance logs of all of its production services, which provides real-time visibility into service interruptions. Application service log data is ephemeral.

Encrypted Messages - Web browser connections to the Opti Service require encrypted sessions negotiated with TLS 1.0 and above. Opti supports forward secrecy, and prohibits insecure connections negotiated using SSL 3.0 and below or the RC4 algorithm. When deploying monitoring and control devices outside of a physically secured area - for example, at a stormwater facility - securing messages by securing access to the network is only the beginning of an effective strategy. For Opti control solutions (i.e., OptiNimbus) and all Opti installations deployed with the Opti Thunder and Lightning web gateways, device-specific secret keys are used to encrypt each message according to the DTLS specification for transmission over the network. Our standard hardware encryption specification for controlled systems is NIST approved AES-128 or AES-256.

Local Failsafe Included

Opti services collect, store, process, and act on information obtained from field sensors and Internet based web services to monitor and improve the function and performance of stormwater facilities. Proper design of associated physical civil infrastructure systems mitigates the extent of impact of loss of availability of the Opti services. All Opti control systems are deployed with pre-configured failsafe positions and the ability to independently revert to these positions when disconnected from the cloud for an extended period of time, or when all power sources have failed. Failsafe positions are determined in consultation with the customer during the design phase of product deployment. Customers with physical access to the Opti control panel can also locally set the position of the valve through the Opti control panel at any time.

Security Review and Upgrades

Review - Opti utilizes external third party security auditing services to independently evaluate our security policies, approaches, services, and infrastructure.

We regularly test the encryption of our services via the publicly available services provided by Qualys SSL Labs and endeavor to maintain an Overall Rating of “A” as the requirements for enabling secure connections on the web continue to evolve.

Upgrades in Development Lifecycle - Opti plans and executes changes to the Opti Platform and the Opti Platform Products in Release Cycles. In a Release Cycle planning meeting, product managers and senior engineering managers evaluate all proposed changes and review potential conflicts between the requested changes and the existing experience being delivered by each product. Separate reviews may be conducted when a change influences access control systems or involves a new source of information in an alarm or control decision.

Opti uses the Git version control system to track changes to its codebase. Changes to the Opti Platform and any of the Opti Products go through a suite of automated tests and a senior code review before being approved as part of a new feature. Features are tested on an isolated QA environment that runs on identical infrastructure as production prior to merging the features with the production branch. Senior software engineers have the ability to expedite this process when a new flaw is uncovered to minimize delay in getting critical updates into production.

Compliance Standards

Data Center Security Compliance - Opti uses cloud services hosted in data centers that meet “a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards including Australia IRAP, UK G-Cloud, and Singapore MTCS.” Our provider has “adopted the uniform international code of practice for cloud privacy, ISO/IEC 27018, which governs the processing of personal information by cloud service providers.” Furthermore, our provider regularly conducts rigorous third-party audits, such as by the British Standards Institute, to verify adherence to the strict security controls these standards mandate. All Opti Platform operations are hosted inside data centers meeting these standards and procedures.

Currently, the Opti Platform is hosted on the Microsoft Azure infrastructure, which is ISO 27001 certified. All data is held on servers located in Microsoft-controlled data centers. As of the Effective Date, Microsoft and its controlled United States subsidiaries are participants in the Safe Harbor program developed by the United States Department of Commerce and the European Union, and Microsoft has certified that it adheres to the Safe Harbor Privacy Principles agreed upon by the United States and the European Union. For full details see: https://azure.microsoft.com/en-us/support/trust-center/.

HIPAA and Personally Identifiable Information – Opti Products do not store any personally identifiable information for customers beyond contact email address for alert notifications. None of the information stored by Opti is subject to HIPAA regulations and mandates.

This Security Statement was last updated on: 2 April 2018.