Security & Compliance
Cybersecurity is more than just certifications and encryption – learn how Arcules lives and breathes security so your business can stay compliant and secure by design.
Arcules is security. It's in our DNA.
What Makes Arcules Secure
Security starts with best practices from within - Arcules nurtures an environment built on good IT hygiene, today and every day.
Everything and the kitchen sink encrypted in transit to the cloud. Video, thumbnails, analytics, metadata, settings, and beyond.
A SaaS product is only as good as its data center, that's why every bit of information is locked-tight within the Google Cloud facilities.
Multi-factor authentication, RBAC, SAML / SSO integration, and granular user profiles secure access for all system entry points.
Built on a Culture of Best Practices
According to IT research, over 50% of security incidents are caused by people within an organization (verizon). At Arcules, we believe that a secure product doesn’t just mean encrypting your data and making strong passwords; it’s a day-to-day practice of smart internal choices and habits that build the foundation for a safe tech product. Like good hygiene, it’s not something you do only once.
From corporate traditions like “caking”, where employees are encouraged to spot and lock others’ unattended devices and send an embarrassing announcement that the owner will bring cake to everyone in the office, to rigorous SOC 2 training and smart engineering pipeline validation. You won’t find us building back-door shortcuts for development now, or ever.
Every Cloud Needs a Strong Tether
Endpoints should be secure, but the transfer of your communication through the wild west of the internet on its way to the cloud is equally critical. With the Arcules Gateway, we are able to seamlessly manage connection safety, data encryption, and anything related to the transfer of your surveillance system information using just one small device.
Encryption in Transit
Every bit and byte of data sent from the Arcules Gateway is transmitted utilizing TLS 1.2 or greater. Additionally, Google's POP network offers lower latency and adds an extra layer of data protection from nosy eavesdroppers and "man-in-the-middle" interceptors.
Outbound Traffic Only
Arcules only talks to the cloud using outbound connections, so your Gateway, IP cameras, access control panels, and IoT devices can operate with fewer vulnerable points of entry - meaning a smaller overall security footprint for your organization.
Secure by Default
The Arcules Gateway is not only hardened for security, but will also refuse to connect to external devices using their factory default credentials. This allows you to maintain a more secure environment within your organization.
Each package of code deployed to the host is signed with Arcules' own secret signature to prevent sneaky tampering and authenticate the original source, adding yet another layer of protection to your security system.
Built on the Trusted Google Cloud
Our partnership with Google Cloud services not only allows us to provide scalability, but also redundant, robust, and trusted data protection 24/7.
Built like an onion, Google’s data centers are designed with 6 layers of redundant physical and digital security to ensure that your data is safe. Check out the tour!
Where the Rubber Meets the Road
Being a cloud-based product means that our Arcules Platform is the final critical access point to secure for our customers. It’s the place where everyone in your organization logs in to manage the system, where the encryption releases for viewing, and arguably where the most potential vulnerability lies.
Our engineering team has baked in several industry-standard protocols (and even a few unique tools) to our platform to mitigate risk at the application level while providing the control/flexibility to fit into your existing environment. With support for SSO from providers like Google, Okta, and Microsoft, easily customizable user permission groups, refusal of easy-to-guess default logins, and seamless automatic updates, your system stays secure without any downtime or installation loading periods.
What Makes Arcules Compliant
Proof We "Walk the Walk"
These days, organizations considering cloud products want to be sure the service is built with stringent data protection – especially those in highly sensitive industries like healthcare, data storage, or education. Every endpoint, connection, and transaction must create a simple experience – while still providing the utmost assurance that protocols are in place to protect sensitive data. For this reason, we maintain the following certifications to enable your successful compliance.
SOC 2 Type II
SOC is an auditing procedure that ensures service providers securely manage customer data. Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on various trust principles.
SOC 2 compliance is determined by an audit from an AICPA-certified independent third-party party and mandates that organizations adhere to specific information security policies and procedures in line with their business objectives. SOC 2 Type II compliance covers a six to 12-month time-frame to ensure that a company’s security measures align with the evolving requirements of data protection in the cloud.
This means Arcules doesn’t just do the right things today, but every day consistently to keep your data safe.
The European Union adopted the General Data Protection Regulation in 2018 as a response to privacy concerns around the way businesses collect their data online. Since then, the law has required European and international organizations to change the way they collect user data and offer them the ability to manage it by request.
Standard Contractual Clauses (SCCs) The final version of the new SCCs were published by the European Commission on June 4, 2021. SCCs are template data transfer agreements that permit data exporters to transfer customer information to countries outside the EEA that the European Commission identifies as providing “inadequate” data protection such as Australia, Brazil, China, India and the United States.
What This Means for You
While many companies will tell customers that their product itself is compliant, at the end of the day, your data is still owned and managed by your organization. That’s why Arcules offers a suite of certified tools and services which enable you as the customer to be compliant in the way you manage and store your data within our platform.
HIPAA for Medical
GDPR for European Union
NDAA & TAA for Hardware Selection
What Our Customers Say...
“One of the main reasons we decided to move to Arcules is it’s all cloud-based, It’s all on one platform, which is much better than having to manage a server for each site with its own unique cameras.”
“With Arcules’ robust cloud-based solution, it’s updated all the time. I’ve got a direct relationship with them as a vendor, so I know the equipment is going to work when I need it to.”
“The ease of use of the product is very important to us. You don’t need to be an IT expert to utilize it. With a cloud-based solution, it’s much more efficient. Not having to monitor the hardware or do software updates is a big time saver—it really manages itself.”
Arcules is a Canon Company that delivers the next generation of cloud-based video surveillance, access control, and smart analytics − all in one unified, intuitive platform. We help organizations eliminate complexity, reduce maintenance, and save money while improving safety and optimizing business operations.