Systems and methods with several layers:
We update our platforms regularly
Moicon regularly releases new platform versions to update all of the customers platforms. New platform versions provide operating system, runtime, application server, and web server updates, and updates to Moicon components. Many of these platform updates include important security fixes. Moicon ensures that your Moicon environments are running on the most recent and secure platform.
Monitoring is an important part of maintaining the reliability, security, availability, and performance of your Moicon Digital Twin Platform. Moicon continuously monitors these services.
Moicon uses Transport Layer Security (TLS. This is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide privacy and data integrity between two or more communicating computer applications. It runs in the application layer and is itself composed of two layers: the TLS record and the TLS handshake protocols.
The Domain Name System Security Extensions (DNSSEC) is a DNS feature that authenticates domain name lookup answers. It doesn't give any privacy protections for those lookups, but it does stop attackers from tampering with or poisoning DNS requests.
Sensitive data filtering (in API)
Whether it's the volume of unnecessary data returned through the API or information that reveals too much about the API endpoint, certain APIs give much too much information. This happens when an API delegates data filtering to the user interface rather than the endpoint. Moicon’s APIs only return as much data as is required to do their task.
Token based authentication [JWT Token]
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.
We sign JWT tokens using a secret (with the HMAC algorithm), so they can verify the integrity of the claims contained within it.
Once the user is logged in, a new JWT token is created. Each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token.
Strong Encryption on wire [HTTP + TLS]
HTTPS is the secure version of HTTP protocol. It leverages Transport Layer Security (TLS) that encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit which is particularly useful for private and sensitive information such as passwords, credit card numbers, and personal correspondence. Your web browser analyzes the website's security certificate and verifies it was issued by a legitimate certificate authority. To maintain 100% protection, we always force encrypted connection to our services. This ensures that if you see "https://twin.moicon.net" in your browser's address bar, you're connecting to the real Moicon website.