Data Security

How Videolab Ensures Data Security for our Users

Data security is at the core of who we are. Our firm was founded by cybersecurity and privacy researchers from IMEC-Distrinet research lab at the KULeuven, Belgium. Videolab has been developed by leveraging LINDDUN, a privacy by design methodology now part of the NIST Privacy Framework. Although GDPR compliance is a journey, not a destination, Videolab is as GDPR compliant as it can be.

Data Security Countermeasures

Videolab contains a wide range of data security countermeasures. The most notable are mentioned on this page. Our complete data security threat model and the data privacy impact assessment will be made available upon request.

Codific Secure Vault to ensure Data Security

Data Security with the Codific Secure Vault

The Codific Secure Vault is a secure storage where all recordings are kept. It ensures data security with the following measures in place.

  • All data is encrypted using Industry-standard AES-256 encryption.
  • Encryption keys are stored in dedicated safety boxes each owned by a specific user.
  • The Vault master access is guarded by a two-man rule implementation based on strong cryptographic primitives.
  • All audit traces are stored in a so-called write-once read-many storage.
  • The Vault features a flexible access control policy management mechanism to ensure data security while sharing data between multiple users. The policies themselves are also stored within the Vault.
Penetration testing for data security
Penetration testing

Codific’s internal Team Red as well as a number of third parties conduct periodic penetration testing of Videolab.

2fa
Multi-factor authentication

For all authorized access a multi-factor authentication mechanism is enforced.

Monitoring for data security

Monitoring

Secure Patrol is a complete solution targeted towards real-life monitoring and protection of software systems. Secure Patrol consists of a team of AI and human agents who patrol software systems preventing and intervening on any attacks.

firewall
Application-Level Firewall

We deploy an application-level firewall to make sure malicious requests which might threatened data security on our platform are blocked.

Browser security
Browser Security

We leverage best practices in browser security hereby reducing the likelihood and impact of various categories of attacks to data security, such as Cross-Site Scripting, Injection, etc.

Server Hardening
Server Hardening

Server hardening involves reducing the available ways to attack the server infrastructure where the Videolab web application is hosted.

Auditing for data security
Auditing

We conduct audits including a threat modeling analysis where new threats, their likelihood and impact are assessed regularly.

End to end encryption for data security
End-to-end encryption

All access to Videolab is secured using an A+ grade transport layer security.