Security at FlytBase

At FlytBase, data security and customer privacy are our highest priority. We heavily invest in robust security measures and are deeply committed to protecting customer’s data and our information systems that ensure confidentiality, integrity, and availability.
Learn About the Platform

FlytBase Security Architecture

How FlytBase keeps your data secure

With multiple layers of protection that includes secure data transfer, encryption, network configuration, and application-level controls, FlytBase platform is designed with security in mind. We also use tools to help us enforce compliance with our internal security policies.

Data protection

Data at rest

All sensitive data, such as passwords, is encrypted at rest and cannot be replicated by anyone. For managing cryptographic keys, we use full-disk encryption with the industry-standard AES-256 encryption algorithm and the Azure AD B2C security token service.

Data in transit

Every network communication with our FlytBase servers and any third-party service provider is encrypted with TLS version 1.2 or higher. We also use features such as the HSTS (HTTP Strict Transport Security) to ensure the security of our data in transit.

Application security

Vulnerability Scanning & Patching

We follow a stringent vulnerability management process at key stages of our Secure Development Lifecycle (SDLC) to allow early identification of vulnerabilities and resolve them according to predefined timelines based on severity.

Penetration Testing

We conduct penetration tests on a regular basis to verify our security status and identify potential vulnerabilities. All areas of the FlytBase platform and cloud infrastructure are in-scope for these assessments to maximize the effectiveness.

User account security

OAuth 2.0

FlytBase authenticates and authorizes users using the OAuth 2.0 protocol. FlytBase supports the most common OAuth 2.0 scenarios, including web server, client-side, installed, and limited-input device applications.

Single sign-on (SSO)

We provide single sign-on authentication with Google and Microsoft, alongside detailed role and team management capabilities within an organization's profile. Our enterprise users have the flexibility to use their own SAML 2.0-compliant solution.

Data Privacy

GDPR

FlytBase is committed to handling all customer and employee personal data in line with the EU’s General Data Protection Regulation (GDPR). We have integrated all required measures and processes for personal data security, as per GDPR standards, into our systems.

Need additional security?

FlytBase offers flexible deployment options, including the option to operate on a separately managed AWS environment with physical isolation from the shared infrastructure of our multi-tenant cloud offering, giving an additional layer of security and privacy.

Flexible Deployment Options

Cloud

FlytBase Cloud provides cost-effective access with enterprise-level security. It complies with SOC2 Type II, ISO27001, and GDPR standards, and enables integration with private cloud storage.

On-premises

Self-host FlytBase on an in-country cloud or private server for highly secure & confidential projects. Meet cyber security compliance requirements and have complete control over your drone data.

Hybrid

FlytBase AirGapped operates offline,isolated from external networks, ensuring data security. Ideal for sensitive applications that require maximum protection

Want more information?

We understand how critical it is to keep your drone data confidential and secure.  We would be happy to work closely with your operations and security teams to address any data security concerns.

Contact Us