7th September 2017
One of the things we get asked often is “how secure is my data?” and “how secure is your solution when I’m wirelessly sharing content from my device to a screen?”
We know that security is front and centre when it comes down to deciding which wireless presentation system is to be used across an organisation’s meeting spaces.
When it comes to wireless presentation and sharing content, we take security very seriously too.
To help you understand our approach, we’ll break it down into three elements: software, hosting, and hardware.
All inbound and outbound data from the software is encrypted and transmitted over TLS or DTLS with 2048-bit asymmetric encryption and 256-bit symmetric encryption using certificates from third party credited authorities. Network communication is protected using the latest in technology to secure all your video, audio and data. Using the TLS and DTLS cryptography protocols, previously referred to as SSL, we provide protection using a 2048-bit asymmetric key in conjunction with a 256-bit symmetric session key.
The Montage software consumes a REST API provided by our SaaS layer which is credential secured. All communication with the REST API and our XMPP services are over TLS (port 443) with 2048-bit asymmetric encryption and 256-bit symmetric encryption. For video calls STUN is used to establish a peer to peer connection. If this fails then the client will attempt to use our relay service using the TURN protocol.
In addition to DTLS encryption, we also encrypt data through Secure Real-Time Protocol, which safeguards IP communications from hackers, so that your video and audio data is kept private point to point.
For each meeting, a unique meeting ID is generated from our SaaS layer which is used as a means for the clients to connect to that specific meeting. The host can also specify a PIN, adding that double layer of security for clients joining a meeting.
We use Azure to host and support the services we offer to our clients. Azure’s Datacentres are geographically dispersed and comply to ISO/IEC 27001:2005, SOC 1 and SOC 2 .
In addition to the security provided with the software, the Montage box can be configured to allow devices to connect via its own access point. The access point is secured with WPA2 with TKIP encryption, allowing clients to connect directly to the box and therefore creating a local network. If Montage has access to the Montage Cloud, then it will be able to allow devices connecting to it from outside of its local network. This can be restricted by deactivating access to the cloud in the settings of the Montage box.
We have a variety of enterprise companies, who chose Montage for their wireless presentation needs because it was the most secure solution out there, from a major telecommunications company, to a global automotive company.