myViewBoard Security Development Overview
This document is provided in response to the inquiry made to ViewSonic for requesting security development and deployment architecture for the myViewBoard project. Security and privacy are components of myViewBoard TM in the design, development, and delivery of this service.
In this document we will describe how we integrate Github, Docker, and Circle CI,deploy secure, scalable architecture on Amazon’s Web Service Cloud platform, WebRTC’s protocol for securing our streaming service, and how PGP (Pretty GoodPrivacy) is integrated in our secure file sharing and transmit use case. This approach is designed to balance customers’ needs for security and confidentiality with public information in regard to technologies and third-party solutions that myViewBoard integrates.
Secure Development Lifecycle
Security Development Lifecycle is a set of activities and milestones which can drive high-quality security outcomes in product and services development. It can be subdivided into 4 distinct sections: Architecture and Design, Implementation, Validation and Release. A review is conducted after each stage has been completed. Below are the activities that should be taken care of at each stage of the Secure Development Lifecycle process:
Continuous Integration and testing with cloud service
Security Design and Data in myViewBoard
Security is always the highest priority of our concerns. myViewBoard had introduced different techniques to ensure you could use our service always in the good and safe environment.
Security design and implementation
myViewBoard introduced the firewall to protect all the assets for the system. All the traffic had been monitored by a firewall to ensure there is no malicious connection connecting to our systems. Also, we introduced the PKI infrastructure to ensure the identity of the servers. The PKI could provide the integrity to ensure the service had been served in the proper secure way.
Besides the above, myViewBoard had already applied SSL certificates to encrypt all the transactions between you and our system. All the traffic you send and get through from our system is in private. myViewBoard uses SHA 256 with RSA encryption algorithm to ensure that all traffic is safe during data transmission. We do not allow any open-text connections to [myviewboard.com] so that all your connections would be in a highly secured way to connected with us.
Moreover, myViewBoard employed different cloud vendors for infrastructure support. By the empower of cloud vendors, your data and data transmission are placed in the most secure way that the top-tier cloud vendor provided. Inside the access, the encryption keys are required to use as the mandatory identity validation method. myViewBoard also deployed the Web Application Firewall (WAF) to protect your connection within the safe and proper good way for transmitting data. By the empowering of our WAF, DDoS protection and network vulnerability prevention had been formed into our infrastructure to provide you a clean and safe space for using our service.
In myViewBoard, your data will be saved on our secure database system which only a limited number of our internal colleagues could touch for. In most scenarios, myViewBoard would not directly access your data.
To perform the good data segregation standard, myViewBoard uses a different system to isolate our colleagues who could touch what category of data. We are working from the least privileged model which means your colleagues will not be able to access the data they do not need. Also, by the segregation of data concept, myViewBoard only collects the data need to perform our tasks. All the data and information you provided will be under our security protocol to perform regular access audits and review the control procedures.
In myViewBoard, all data will be encrypted and store in our database system. Besides the data at rest, myViewBoard also takes good care of data in transit.
For all services in myViewBoard, we had enabled the SSL/TLS encryption between different parties. All the traffic is transferred under the SHA256 encryption by our SSL certification. The certificate will be continuously updated and renew by us to ensure the safety of the data passing.
Besides the above, myViewBoard is concerned with all your data shared with us. All your temporary files will be deleted when you exit the application, sign out, switch users, or reach idle time. And as per the architecture by OAuth 2.0, we do not store your password on our system when you use other identity providers to access our system. In myViewBoard, we will not share or sell your data to a third party for any other purpose which means we will not allow other parties to access your information for any purpose. For the collection of data and its usage, including GDPR protection policy, please reference to https://myviewboard.com/policy for more details.
Secure Streaming Service
Browser-based communications eliminates cost and complexity
By breaking vendor and platform dependencies, WebRTC transforms enterprise communications. Until now, businesses have been limited to expensive desk phones and proprietary software clients. While vendors support open standards such as SIP (Session Initiation Protocol), many maximize product margins by providing support only for proprietary endpoints and separately licensed software clients. With more workers using smartphones as their primary handset, expensive desk phones are becoming increasingly difficult to justify. What businesses need is a way to make smartphones and tablets viable alternatives to traditional phones. However, traditional solutions for extending enterprise communication services to mobile devices are costly and inefficient.
Most UC (Unified Communications) vendors offer operating-system-specific soft clients that take time and money to qualify, deploy, and support. WebRTC overcomes these limitations by bringing real-time communications directly to the browser. This eliminates special purpose, OS-specific clients. With WebRTC, IT organizations can accelerate time-to-market and contain costs by extending enterprise communications services to any browser-enabled device (smartphone, tablet, or PC).
Users can access the WebRTC-enabled service over any network – public or private; WiFi, mobile broadband, or wired LAN. WebRTC reduces upfront IT expenses by containing client licensing fees, qualification efforts, and deployment costs. There are no proprietary clients to purchase, roll out, update, or support. The client application runs on an off-the-shelf "free"browser. Qualification, deployment, and maintenance costs are contained to the Web site. New features and fixes are implemented right on the Web page.
WebRTC Built-in Security Features
In essence, downloading any software from the internet carries an inherent risk that your PC may become infected by a virus, malware, spyware or various other 'bugs'that threaten the security of your data. As such, the principal solution to combat viruses is to install firewalls and anti-malware software that work to defend your computer against any potential threats.
With WebRTC however, there's no need to worry about any of that because since WebRTC works from browser to browser, you don't need to download any software or plugins in order to set up a video conference or VOIP call. All the security that you need is already contained within your browser and the WebRTC platform. Some of the in-built security features contained within the WebRTC platform include:
- End-to-end encryption between peers
- Datagram Transport Layer Security (DTLS)
- Secure Real-Time Protocol (SRTP)
Encryption is built in to WebRTC as a permanent feature and addresses all security concerns effectively. Regardless of what server or compatible browser you're using, private peer-to-peer communication is safe thanks to WebRTC's advanced end-to-end encryption features.
Data Transport Layer Security (DTLS)
Any data that is transferred through a WebRTC system is encrypted using the Datagram Transport Layer Security method. This encryption is already built into compatible web browsers (Firefox, Chrome, Opera), so that eavesdropping or data manipulation can't happen.
Secure Real-Time Protocol (SRTP)
In addition to offering DTLS encryption, WebRTC also encrypts data through Secure Real-Time Protocol, which safeguards IP communications from hackers, so that your video and audio data is kept private.
WebRTC Default Case - P2P
This is a true End-To-End encryption (E2E)
WebRTC Default Case - TURN
A TURN Sever DOES NOT terminate the encryption. In this case, it's a true End-To- End encryption (E2E)
Incident handling for myViewBoard
Nowadays, the cyber-attacks would be a more serious problem in the world. In myViewBoard, we had clearly defined the incident handling approaches internally and had internal procedures.
The flow mainly divided the incidents into four different risk levels and handling with different approaches.
- The critical level is the risk of data leakage and the vulnerability found that would cause service impact or leading to affect the usage of myViewBoard. For the issue defined in this category, myViewBoard security team would immediately notice our management group and the virtual incident response team led by senior management and security experts had been formed to tackle the issue as soon as possible. Our incident handling team will include all related department's representatives and handled the reported issue in their highest priority to resolve the issue. myViewBoard also will document the total steps that we are performed in such incidents and will provide the lesson learned to the team.
- The critical level risk would also notice the related parties and myViewBoard management group about the solution or adjustment that should aware on operations and handling skills to our team.
- The high-risk level defined there is service impact on myViewBoard but the contingency system had been uplinked to support the service. The high-risk level may also fall by criteria of server impacts that may create threats or vulnerabilities that affect customer use of the system.
- In myViewBoard, the high-risk level will also trigger the formation of the virtual incident response team with all related parties' representatives with security experts to resolve the problem.
- For the operations, the management level in myViewBoard will receive the notice on the issue defined as high-risk level and the incident response team will keep reporting to the management group till the incident is resolved.
- myViewBoard will document the total steps that we are performed in such incidents and will provide the lesson learned to the team.
- The risk defined at the medium level will mainly cause a minor impact on the service and not affect any of the daily operations in myViewBoard. The medium risk level in myViewBoard will mainly follow the pre-defined guidelines and procedures to handle and resolve the issue. The solution may need to be patched or updated in order to use out internal change management process to perform.
- All the tasks and logs collected during the incident handling will be listed in detail in myViewBoard internal directory and shared with the internal team only.
- The problem that myViewBoard defined as low-risk level will not affect any provided service or business operation. The low-risk level issue will be handled with the regular handling procedures by myViewBoard team. The low-risk level issue will also be listed on our intranet and shared with the team without identifiable information.
Besides the above sections, myViewBoard also needs the following port open to allow access to our system.
- TCP Port 443 (HTTPS): outbound
- UDP and TCP port 3478 bidirectional to the WebRTC servers
- UDP Ports 49,152 – 65,535 (RTP/sRTP/RTCP) bidirectional to the WebRTC servers. These ports are optional; if blocked, media will be proxied using TURN on port 3478.
The above ports are the minimum request on linking the service from your organization and it would help to ensure the availability of our service.
The client software component also adds or makes modifications to the following system attributes and configurations (such as registry entries, firewall settings, digital certificates, kernel mode drivers, and browser plugins):
- Registry Keys:
- HKEY_LOCAL_MACHINE\SOFTWARE\ViewSonic\vBoard (Whiteboard for Windows)
- The following are used for cryptography:
- ・Hashing Algorithms: SHA256
- ・Public-Key Algorithms: RSA-2048
- ・SSL Schemes: TLS 1.2
Resiliency of myViewBoard
myViewBoard not only considers the confidential aspect of the service provided, but also concerns about the availability of the service provided. In myViewBoard, all our infrastructure is running under N+1 design. To ensure we provide the services running in smooth and high availability mode, our infrastructure vendors are basically running in 99.999% availability.