Security & Compliance

Cybersecurity is more than just certifications and encryption – learn how Arcules lives and breathes security so your business can stay compliant and secure by design.

Arcules is security. It's in our DNA.

Keeping you and your business safe is our reason for being – Arcules was founded to make securing your organization as simple, powerful, and flexible as humanly possible.

These days, it seems like every other day a new virus is unleashed or another company’s information is breached – we know the prospect of transitioning to cloud can seem scary and uncertain – that’s why we eat, sleep, and code data privacy and risk management.

From an office culture that reinforces good IT practices, to an engineering pipeline that doesn’t create back-doors, all the way to layers and layers of digital and physical protections that keep your system as safe as it can be. We’ve got your back 24/7.

What Makes Arcules Secure

Internal Security

Security starts with best practices from within - Arcules nurtures an environment built on good IT hygiene, today and every day.

Network Security

Everything and the kitchen sink encrypted in transit to the cloud. Video, thumbnails, analytics, metadata, settings, and beyond.

Cloud Security

A SaaS product is only as good as its data center, that's why every bit of information is locked-tight within the Google Cloud facilities.

Platform Security

Multi-factor authentication, RBAC, SAML / SSO integration, and granular user profiles secure access for all system entry points.

Internal Security

Over 0 %
of All Security Incidents are Caused By Employees

Built on a Culture of Best Practices

According to IT research, over 50% of security incidents are caused by people within an organization (verizon). At Arcules, we believe that a secure product doesn’t just mean encrypting your data and making strong passwords; it’s a day-to-day practice of smart internal choices and habits that build the foundation for a safe tech product. Like good hygiene, it’s not something you do only once.

From corporate traditions like “caking”, where employees are encouraged to spot and lock others’ unattended devices and send an embarrassing  announcement that the owner will bring cake to everyone in the office, to rigorous SOC 2 training and smart engineering pipeline validation. You won’t find us building back-door shortcuts for development now, or ever.

Network Security

Every Cloud Needs a Strong Tether

Endpoints should be secure, but the transfer of your communication through the wild west of the internet on its way to the cloud is equally critical. With the Arcules Gateway, we are able to seamlessly manage connection safety, data encryption, and anything related to the transfer of your surveillance system information using just one small device.

Encryption in Transit

(hover or tap me)
Every bit and byte of data sent from the Arcules Gateway is transmitted utilizing TLS 1.2 or greater. Additionally, Google's POP network offers lower latency and adds an extra layer of data protection from nosy eavesdroppers and "man-in-the-middle" interceptors.

Secure by Default

(hover or tap me)
The Arcules Gateway is not only hardened for security, but will also refuse to connect to external devices using their factory default credentials. This allows you to maintain a more secure environment within your organization.

Outbound Traffic Only

(hover or tap me)
Arcules only talks to the cloud using outbound connections, so your Gateway, IP cameras, access control panels, and IoT devices can operate with fewer vulnerable points of entry - meaning a smaller overall security footprint for your organization.

Package Signing

(hover or tap me)
Each package of code deployed to the host is signed with Arcules' own secret signature to prevent sneaky tampering and authenticate the original source, adding yet another layer of protection to your security system.

Cloud Security

Built on the Trusted Google Cloud

Our partnership with Google Cloud services not only allows us to provide scalability, but also redundant, robust, and trusted data protection 24/7.

Built like an onion, Google’s data centers are designed with 6 layers of redundant physical and digital security to ensure that your data is safe. Check out the tour!

Platform Security

Where the Rubber Meets the Road

Being a cloud-based product means that our Arcules Platform is the final critical access point to secure for our customers. It’s the place where everyone in your organization logs in to manage the system, where the encryption releases for viewing, and arguably where the most potential vulnerability lies.

Our engineering team has baked in several industry-standard protocols (and even a few unique tools) to our platform to mitigate risk at the application level while providing the control/flexibility to fit into your existing environment. With support for SSO from providers like Google, Okta, and Microsoft, easily customizable user permission groups, refusal of easy-to-guess default logins, and seamless automatic updates, your system stays secure without any downtime or installation loading periods.

What Makes Arcules Compliant

Native Compliance

Proof We Walk the Walk

These days, organizations considering cloud products want to be sure the service is built with stringent data protection – especially those in highly sensitive industries like healthcare, data storage, or education. Every endpoint, connection, and transaction must create a simple experience – while still providing the utmost assurance that protocols are in place to protect sensitive data. For this reason, we maintain the following certifications to enable your successful compliance.

Enabled Compliance

What This Means for You

While many companies will tell customers that their product itself is compliant, at the end of the day, your data is still owned and managed by your organization. That’s why Arcules offers a suite of certified tools and services which enable you as the customer to be compliant in the way you manage and store your data within our platform.

HIPAA for Medical

  • The Health Insurance Portability and Accountability Act of 1996 mandates the way medical organizations collect and manage patient healthcare data.
  • Arcules enables HIPAA compliance by providing full control over access and permissions,  while keeping the data securely encrypted to hospital standards.

GDPR for European Union

  • The European Union adopted the General Data Protection Regulation in 2018 as a response to privacy concerns around  the way businesses collect their data online. Since then, the law has required European and international organizations to change the way they collect user data and offer them the ability to manage it by request.
  • The Arcules Cloud Platform is designed with the flexibility to give you control over where your data is stored globally, as well as how it is collected and used under strict GDPR guidelines.

NDAA & TAA for Hardware Selection

  • In the National Defense Authorization Act of 2019, section 889 prohibits United States Government entities from purchasing video communication equipment from Chinese manufacturers that may pose a security risk. This, along with the Trade Agreement Act of 1979 requires products available to these bodies on the GSA Schedules to be manufactured in certain designated countries.
  • While Arcules does not sell video communications hardware, our uniquely open platform works across whichever brand of hardware you choose to use, enabling your organization to be NDAA & TAA compliant with your choice of surveillance cameras.

Explore Our Solutions

Experience Arcules for yourself

Online Tour

Get a feel for why, time and again, our customers love the Arcules product experience.

Book a Full Demo

Our cloud security experts are ready to go deep and understand your needs.

Request Trial Access

Access to our live demo environment so you can test the wheels yourself.