Articles in this section

Security Overview

SUMMARY

Use this guide to understand Factbird's approach to platform security and where to find security-related resources. Factbird applies security controls across its platform while providing guidance for customers on secure deployment, user access, and responsible security reporting. 

WHAT THIS IS

Security is a shared responsibility between Factbird and its customers. Factbird secures the platform, cloud infrastructure, and application services, while customers are responsible for managing user access, securing their networks, and following their organization's IT security policies.

The Security Overview acts as a starting point for understanding Factbird's security practices and links to more detailed security documentation when required. 

 

WHY IT MATTERS

Maintaining a secure manufacturing environment helps protect production data, user accounts, and connected devices.

Factbird provides security documentation to help customers:

  • Understand how the platform protects data.
  • Deploy Factbird securely within their environment.
  • Meet internal IT and compliance requirements.
  • Report security concerns responsibly. 
     

WHEN YOU WOULD USE THIS

Use this when:

  • Reviewing Factbird's security practices.
  • Planning a new Factbird deployment.
  • Completing an internal IT or security assessment.
  • Looking for security documentation or compliance information.
  • Reporting a suspected security vulnerability.
     

HOW IT WORKS

Factbird provides several security resources covering different aspects of the platform, including:

  • Platform and cloud security.
  • Network and firewall requirements.
  • User authentication and access control.
  • Compliance and security documentation.
  • Secure system integrations.

If you believe you have discovered a security vulnerability, submit a support request with the subject:

Security/Abuse Report:

This helps ensure the report is prioritised appropriately. Factbird asks that vulnerabilities are reported responsibly and not publicly disclosed until a fix has been released. Denial-of-Service attacks and automated vulnerability scanning that generates excessive traffic should not be performed.

Bug reports should be submitted separately using the subject:

Bug Report:

Including clear reproduction steps, expected behaviour, actual behaviour, screenshots where appropriate, and a description of the impact helps Factbird investigate the issue more efficiently. 
 

KEY TERMS / COMPONENTS

Security Vulnerability

  • A weakness that could affect the confidentiality, integrity, or availability of the Factbird platform or customer data.

Bug Report

  • A report describing unexpected product behaviour that is not related to a security vulnerability.

Responsible Disclosure

  • Reporting a security issue privately to Factbird before publicly disclosing the vulnerability.

Security Documentation

  • Documentation describing Factbird's security practices, compliance information, and deployment recommendations.

COMMON MISUNDERSTANDINGS

  • Security vulnerabilities should be reported as Security/Abuse Reports, not standard bug reports.
  • A software bug is not necessarily a security issue.
  • Customers remain responsible for securing their own networks, user accounts, and local infrastructure.
  • Security documentation is available separately and provides more detailed information than this overview.

RELATED ARTICLES

 

 

 

 

 

 

 

 

 

 

Was this article helpful?
0 out of 0 found this helpful