Our Commitment to Security

End-to-end, our solutions are built for use in the most security-conscious industries.

Here’s how we protect your data.

Secure Connectivity with RemoteSpark

Connected worker solutions like RemoteSpark offer organizations unique opportunities to enhance productivity and efficiency. However, they also introduce new security considerations due to the use of cameras and sensors required for real-time guidance and information access. For industries operating in security-sensitive environments, ensuring these tools have a comprehensive security infrastructure is critical.

Cybersecurity First

From our internal IT infrastructure to product security architecture, to RemoteSpark’s network flexibility, we work diligently to protect your data and comply with your data governance policies. Kognitiv Spark is both a Cyber Essentials UK and Cybersecure Canada certified company. Learn more about how we guard and protect your data.

 RemoteSpark’s Security Architecture

RemoteSpark was designed for use in data-conscious industries like defence and energy production. The platform’s security architecture can be divided into two categories.

RemoteSpark Client Layers of Security

  • It’s recommended that the Windows 10/11 PC and the device hosting the RemoteSpark Client have encryption enabled if available to enforce full-disk encryption

  • It’s recommended that the device requires authentication by Entra ID (Formerly Azure Active Directory (AAD)). Multi-factor authentication can be enforced, as well as organizational password policies. To authenticate into the RemoteSpark application, an Entra ID or RemoteSpark account is also required.

  • The RemoteSpark Client Application is verified by the Kognitiv Spark security and quality insurance teams to identify and mitigate security and quality issues before being available to the customer.

  • All network activity between the client/server, and peer to peer (video calls) is always encrypted.

RemoteSpark Server Security Architecture

  • The RemoteSpark Server system runs either in the Microsoft Azure Cloud (either commercial orgovernment), in a client’s cloud offering (AWS, Azure, Oracle, etc.) or a sub-set of the systemcan be run on the customer’s premise using Windows Server leaving the security controlswithin the discretion of the customer.

  • The system is protected by the layers of Azure Firewalls and other network protection systems. Activity is logged for security and performance monitoring. When defined thresholds are reached, Kognitiv Spark is alerted of the anomaly and action initiated. When running on On-Premise, the logging and alerts will need to be designed and monitored by the customer’s On-Premise staff.

  • The RemoteSpark Server Services is a collection of application tiers developed by Kognitiv Spark to support the RemoteSpark Client. Developers do not have access to production systems.

  • All content stored and generated by RemoteSpark is stored on Azure Storage and is encrypted at rest and transmitted via TLS 1.2. The files are encrypted with 256-bit AES.

  • The data storage used by RemoteSpark is encrypted at rest. Only the RemoteSpark Server can access the data on behalf of the client and it has no access to the public internet.

  • These servers facilitate the audio/video call. They help determine if the video call can be directly connected between two peers or needs to be relayed through the COTURN server. Most video calls are connected directly and the video and audio do not pass through any Microsoft or Kognitiv Spark servers. When a call requires a to be relayed, the video signal is not stored at any time and the encryption/decryption keys are not accessible by the COTURN server, so the server is only a relay of encrypted data.