Infrastructure Security
- All traffic flowing through the Skies infrastructure is secured via SHA-256 with RSA encryption
- Skies hubs don’t have low-level access to on-premise systems
- Skies-facing parts on the on-premise system do not run in the root context
Content Security
- All streaming proxies that can be accessed via Skies are pre-encrypted on the on-premise systems using AES with a key length of 128 bits
- Every asset is encrypted with a unique pair of encryption and decryption keys
- Only encrypted content can be at rest in CDN & browser caches
- Regional geo-blocking of caches is supported
- All media content that can be accessed via Skies can be watermarked
- No company or user data is ever stored on Skies hubs
- Projective does not have any access to its customers content
Authentication Security
- All Skies users are required to use strong passwords
- All passwords are stored as cryptographic hashes on the on-premise system
- Strawberry supports two-factor authentication (2FA) for a wide range of services via OpenID Connect
- Single Sign-on (SSO) is supported for all Skies users
Skies Hub Security
- On-Premise systems connect to Skies Hubs through encrypted SSH tunnels
- Skies hubs only store the bare minimum of data that is required for their functionality
- All data stored on Skies hubs is anonymized
- Skies hubs don’t have a management interface
Availability Zones
- The Skies infrastructure is hosted across several data centers and availability zones around the world
- Strawberry servers are always connected to all Skies Hubs in all regions, ensuring service availability even if an entire data center goes down
- Multiple Skies hubs per geographical region ensure high availability
- Encrypted content is served via CDNs in the requesters’ regions
Last modified:
Jun 02, 2021
Need more help with this?
Visit the Projective Support Websites