Security at FlytBase

At FlytBase, data security and customer privacy are our highest priority. We heavily invest in robust security measures and are deeply committed to protecting customer’s data and our information systems that ensure confidentiality, integrity, and availability.

Learn About the Platform

FlytBase Security Architecture

How FlytBase keeps your data secure

With multiple layers of protection that includes secure data transfer, encryption, network configuration, and application-level controls, FlytBase platform is designed with security in mind. We also use tools to help us enforce compliance with our internal security policies.

Data protection

Data at rest

All sensitive data, such as passwords, is encrypted at rest and cannot be replicated by anyone. For managing cryptographic keys, we use full-disk encryption with the industry-standard AES-256 encryption algorithm and the Azure AD B2C security token service.

Data in transit

Every network communication with our FlytBase servers and any third-party service provider is encrypted with TLS version 1.2 or higher. We also use features such as the HSTS (HTTP Strict Transport Security) to ensure the security of our data in transit.

Application security

Vulnerability Scanning & Patching

We follow a stringent vulnerability management process at key stages of our Secure Development Lifecycle (SDLC) to allow early identification of vulnerabilities and resolve them according to predefined timelines based on severity.

Penetration Testing

We conduct penetration tests on a regular basis to verify our security status and identify potential vulnerabilities. All areas of the FlytBase platform and cloud infrastructure are in-scope for these assessments to maximize the effectiveness.

User account security

OAuth 2.0

FlytBase authenticates and authorizes users using the OAuth 2.0 protocol. FlytBase supports the most common OAuth 2.0 scenarios, including web server, client-side, installed, and limited-input device applications.

Single sign-on (SSO)

We provide single sign-on authentication with Google and Microsoft, alongside detailed role and team management capabilities within an organization's profile. Our enterprise users have the flexibility to use their own SAML 2.0-compliant solution.

Data Privacy

GDPR

FlytBase is committed to handling all customer and employee personal data in line with the EU’s General Data Protection Regulation (GDPR). We have integrated all required measures and processes for personal data security, as per GDPR standards, into our systems.

Need additional security?

FlytBase offers flexible deployment options, including the option to operate on a separately managed AWS environment with physical isolation from the shared infrastructure of our multi-tenant cloud offering, giving an additional layer of security and privacy.

Flexible Deployment Options

Multi-tenant

Seamlessly integrate with your private cloud storage, enjoy consistent, hassle-free maintenance managed by FlytBase, and easily scale your operations.

Sole Tenant

Enjoy exclusive access on a private instance, enhanced security, compliance with data residency laws and customization control over server configurations.

On Prem Hybrid

Ensure data privacy by hosting drone media on local servers, while maintaining a secure connection to multi/sole tenant servers for command and control.

Air Gap

Meet compliance with data governance laws and internal IT policies while enhancing latency, management & control, data security, and storage capabilities.

Want more information?

We understand how critical it is to keep your drone data confidential and secure. We would be happy to work closely with your operations and security teams to address any data security concerns.

Download Ebook