All user accounts are protected by an email address and password. Traffic between the web browser and user interface is encrypted using the latest encryption standards (when SSL Certificate installed).
All passwords are scrambled before storage using bcrypt hashing.
Live traffic analysis is performed to prevent brute force attacks. All actions, including failed password attempts, are stored in an audit log that can not be deleted.
A password policy can be defined in a cloud config to restrict passwords that can be used.
There are two layers of security between devices and servers. All data on the first layer (loader comms) is digitally signed by a private key on secure servers. Devices verify the data using a public key before to invoking second layer communications (player comms). The second layer uses digital signatures in additional to an optional TLS connection.
DS Loader will only execute new player applications that are digitally signed with the correct key.
We have the ability to transition to new keys in the event of a private key security breach.