Information Security Architecture Summary
Overview
The Userful Visual Networking Platform consists of elements in three categories. The client usually chooses one element from each category to build their solution.
Server Architecture
Userful On-Premise physical servers are installed within the customer’s premises and perform all data acquisition, processing, and transmission within the customer’s secured network. Userful servers do not store or reproduce any customer data. Information is transmitted to local displays over an isolated network segment in video format only.
Userful Cloud servers are hosted within Userful’s secure AWS environment where they distribute content and control signals to uClient devices but do not acquire or re-transmit data.
Client Architecture
Userful Zero Clients are simple purpose-built devices that receive information encoded as images from On-Premise servers and perform a simple operation to turn the data into HDMI video-out. They contain no local storage or other processing capabilities. They will only function within the same premises as their controlling On-Premise server.
uClient is a secure software application that can be installed on a variety of digital signage platforms within customer premises and can connect to either On-Premise or Cloud servers.
Management
Userful On-Premise servers support fully local management, where local users can access, manage, and control a Userful server using a Web browser from their workstation. On-Premise servers can be deployed in environments with no Internet connection whatsoever and retain full functionality and access control.
Customers have the option of using Userful Manager to remotely connect to and manage instances of Userful On-Premise and Userful Cloud from a single interface, however, this secure AWS-hosted connectivity service does not store or transmit sensitive customer data, and is not required for the operation of On-Premise servers.
Optional - External Data Sources
Customers can choose to purchase an optional subscription to the Emerald CMS service. This AWS-hosted service provides customization of public data feeds, and optionally the ability to upload private data for distribution.
The Emerald service follows all AWS best practices for data security and integrity, including native access controls and SSO authentication.
If the Emerald subscription is not purchased, no connectivity or transmission to the service is established.
Architecture Overview
Green lines are control signals.
Orange lines are customer data.
Broken lines are optional data channels.
Solid lines are required data channels.
Userful Data Processing and Privacy
Userful On-Premise servers access information visually. Information is processed into and out of the server as video data and without context. The exception to this is information acquired by Web browser sources, which operate in their own highly secure environment.
In all instances, Userful does not, and can not, scan, duplicate, or record any information that passes through a server, regardless of that server’s connectivity to Userful services.
Userful’s Business Model
While Userful counts revenue as a Software-as-a-Service (SaaS) company, our focus is on providing solutions that predominantly or entirely exist within the customer’s physical premises.
As a company, our focus is entirely on providing the tools that empower organizations to manage their visual information as they see fit.
Further Information
For more detailed information on Userful’s security architecture, please talk to your Userful representative and inquire about the Userful Security Guide.
Information about network design requirements for the platform can be found here:
https://docs.userful.com/hardware-setup/userful-network-requirements
Last updated