Solink uses industry-leading security and compliance best-practices to provide our customers with a reliable and secure platform without any compromises.
Appliance resides on-premise behind the customer-managed firewall.
No inbound ports are required. All external connections are initiated by the appliance.
Only a small number of outbound firewall rules are needed.
Cameras reside in an isolated network segment without access to the public internet.
Application Security
User accounts are secured with strong passwords and multifactor authentication (MFA).
Support for SSO to enable authentication using customer provided infrastructure.
Regular penetration tests are conducted by independent security professionals.
Granular configuration of user roles and permissions.
User sessions are ended after a period of inactivity.
Hardware Security
Anti-malware software scans the appliance daily.
Regular appliance firmware and application updates.
Our support engineers manage the appliance via outbound connection. The connection is created at the beginning of and terminated at the end of the remote access session.
Multiple network ports isolate the camera network from the rest of the customer network.
Cloud
Encryption in transit and at rest.
Intrusion detection and extensive logging of security events.
Role-based security to control access to cloud resources.
Standard Security Recommendations for Video Security Solutions
To ensure that your recording device is secure within your network, these common practices should be followed:
Locate the device behind the firewall with private IP.
Never publish QNAP directly on the internet (no inbound NAT).
Keep QNAP device on separate subnet/VLAN.
Allow management from specific subnet/VLAN, or source IP only.
Open min. necessary secure ports for management such as SSH, HTTPs (no Telnet, no HTTP).
IPS (Intrusion Prevention) enabled on the internal firewall interface facing QNAP (optional).
Antimalware Scanner updates and scans run on schedule
If you have any questions regarding these recommendations, please email us at [email protected]
Compliance & certifications
Solink meets or exceeds some of the most broadly recognized security standards and offers solutions to help you address your compliance requirements.
SOC 2 Type II
SOC 2 (System and Organization Controls) is a regularly refreshed report that focuses on non-financial reporting controls as they relate to security, availability, and confidentiality of a cloud service.
In 2018, the European Union adopted the General Data Protection Regulation. Meant to give users more control over the way businesses collect their data, this law forced European and international businesses to alter the way they collect user data.
Solink affirms that the Solink software platform is fully NDAA-compliant. Solink does not employ any software libraries or software code components and components capable of processing software, from the companies highlighted in Section 889 and their affiliated entities identified in The John S. McCain National Defense Authorization Act (NDAA).
Third party security testing
Solink has regular penetration tests conducted by independent security professionals.
Responsible Use of AI
AI model performance is regularly assessed using precision and recall metrics, with continuous testing to ensure reliability and ethical usage.
We refrain from using any personally identifiable information of employees and/or patrons for the purposes of training our models.
We employ robust encryption, multi-factor authentication, and continuous security monitoring to protect video data from unauthorized access. Our SOC 2 Type 2 policies define how video and data are handled, applying the principle of least privilege (PoLP).
Security Updates
To receive security vulnerability notifications directly from our team, sign up now.
