Infrastructure Security

  • All traffic flowing through the Skies infrastructure is secured via SHA-256 with RSA encryption
  • Skies hubs don’t have low-level access to on-premise systems
  • Skies-facing parts on the on-premise system do not run in the root context

Content Security

  • All streaming proxies that can be accessed via Skies are pre-encrypted on the on-premise systems using AES with a key length of 128 bits
  • Every asset is encrypted with a unique pair of encryption and decryption keys
  • Only encrypted content can be at rest in CDN & browser caches
  • All media content that can be accessed via Skies can be watermarked
  • No company or user data is ever stored on Skies hubs
  • Projective does not have any access to its customers content

Authentication Security

  • All Skies users are required to use strong passwords
  • All passwords are stored as cryptographic hashes on the on-premise system
  • Pending: Strawberry supports two-factor authentication (2FA) using open standards
  • Pending: 2FA can be selectively enforced for Skies users
  • Single Sign-on (SSO) is supported for all Skies users

Skies Hub Security

  • On-Premise systems connect to Skies Hubs through encrypted SSH tunnels
  • Skies hubs only store the bare minimum of data that is required for their functionality
  • All data stored on Skies hubs is anonymized
  • Skies hubs don’t have a management interface

Availability Zones

  • The Skies infrastructure is hosted across several data centers and availability zones around the world
  • Strawberry servers are always connected to all Skies Hubs in all regions, ensuring service availability even if an entire data center goes down
  • Multiple Skies hubs per geographical region ensure high availability
  • Encrypted content is served via CDNs in the requesters’ regions
Last modified: Apr 08, 2020

Need more help with this?
Visit the Projective Support Websites

Thanks for your feedback.