Redundancy
All equipment to run the YellowFox core is set to be redundant. There are two locations at the moment, in a distance of 10 km from each other.
Internet connectivity lines are connected via different uplink providers.
YellowFox is a member of RIPE. Therefore YellowFox is using IPv4/IPv6 address ranges dedicated to YellowFox. Creating an Autonomous system (AS) is the logical step. Plans are made already, YellowFox is working on it.
Communication ways
If the customer is using the SIM cards provided by YellowFox, the whole communication between object and server center is crypted, and secured via VPN to avoid access of data by third party. There are different encryption algorythms in use when exchanging data between vehicle and server center, depending on the hardware purchased by the customer.
The customer can choose to crypt the whole communication between his webbrowser and the YellowFox Webserver. Therefore the customer has to activate "https" at the Login page of YellowFox. Activated encryption is set to be the standard.
Power supply
The power supply was built to meet modern requirements to such an infrastructure. It can cover short outages as well as power losses of several weeks.
Monitoring
The Core is under monitoring 24h a day, 7 days a week. Special contracting with our hardware suppliers makes sure to replace broken components as soon as possible. All equipment needed to provide the core functions of YellowFox is available in "cold standby" near the data center as well.
Backup
There is a multi stage backup concept to secure data security in the unlikely event of data losses. The backup is held at the datacenter, and outside of it in at least two different locations. This secures the restore abilities in the unlikely event of data losses due broken hardware.
Partition / Data access security
YellowFox stores all data in databases without any direct interface to 3rd party. The access to such data via interfaces is limited to the so called Remote Tracking Interface, which adds another level of authentication to data access. There are no database table holding data of more than one customer, this makes sure to avoid data access by 3rd party by mistake or broken application layers.
Physical access to databases
The server center is secured by access control. YellowFox owns a dedicated room, secured by massive doors. Just a small bunch of known people has access. YellowFox emplyees do not own any keys to unlock doors, much more they have to contact the inhouse security to gain access to keys. Passport checks are in place. There are access protocols. Inside the server room servers are locked into cages. Only YellowFox employees own keys to access those cages. Beside some rules for handling serious acciedents, the owner of the room has no access to server cages. In case of an accident, special rules are in place, and protocols are done.
The server room itself is located in the 2nd basement, has no windows, and only one door. The owner of the facilities has electronical surveillance systems in place.
Data security and audits
Every single component used for exchanging data is subject to ongoing security audits by security professionals. YellowFox is working together with external data privacy officers and security professionals from service partners to improve the level of data security day by day.
Pentesting
We are executing pentests, together with external service providers. The whole infrastrukcture receives checks for security holes. Networking security is as well a topic as software security. We run automated and indivual tests. With automated checks we secure newly added infrastructure from the very first minute of its existance.
ISO 27001
YellowFox is working based on the rules of ISO 27001. We are in the middle if becoming certified, and work with external auditors and consultants to reach this goal as soon as possible.
Hardware replacement in case of faults
By working together with suppliers YellowFox created a dedicated concept for replacing faulty hardware in our server centers. A mix out of cold standby, warm standby and hot standby offers very short response times in such cases.