At PlateauTec, we build systems that bridge the physical and digital worlds. Because our solutions range from facility access hardware to cloud-native healthcare management, security is not an afterthought—it is the foundational layer of our architecture. This policy outlines our approach to safeguarding information across all our ecosystems, including Assetuva, PMS, Axenda, and Sci-Math.
"True operational excellence comes from having complete control and crystal-clear visibility. We cannot deliver reliability without first delivering absolute security."
1. Infrastructure & Cloud Security
We utilize enterprise-grade cloud infrastructure to ensure high availability, data redundancy, and protection against emerging threats.
- Data Encryption: All data is encrypted in transit using TLS 1.2 or higher, and at rest using industry-standard AES-256 encryption.
- Network Protection: Our environments are isolated using Virtual Private Clouds (VPCs), protected by strict firewalls, DDoS mitigation protocols, and real-time threat monitoring.
- Access Control: We enforce the Principle of Least Privilege (PoLP). Access to production environments is restricted to authorized personnel via multi-factor authentication (MFA) and secure VPNs.
2. Hardware & Edge Security (IoT)
For systems that interact with the physical world, such as our Parking Management System (PMS) and Industrial IoT sensors, we employ specialized security measures to prevent tampering and unauthorized access.
🛡️ The Edge-to-Cloud Handshake
Hardware controllers (like gate barriers and LPR cameras) are physically secured and utilize encrypted protocols to communicate with our central servers. In the event of a network disruption, our Edge Computing modules are designed to fail-secure, ensuring that physical access controls remain intact and transaction data is safely queued until connectivity is restored.
3. Application & Product Security
Security is embedded directly into our Software Development Life Cycle (SDLC).
- Secure by Design: Our engineering teams adhere to secure coding guidelines (such as OWASP Top 10) to prevent vulnerabilities like SQL injection, cross-site scripting (XSS), and broken authentication.
- Continuous Auditing: We conduct regular automated vulnerability scans, dependency checks, and routine manual code reviews before any deployment.
- Data Separation: For multi-tenant SaaS products (like Sci-Math and Axenda), strict logical isolation is maintained to ensure client data is never co-mingled or improperly accessed.
4. Data Privacy & Compliance
Whether we are handling student information on an EdTech platform or tracking workforce KPIs in a hospital, we treat all personally identifiable information (PII) with the highest level of confidentiality.
- We collect only the data strictly necessary to provide and improve our services.
- We do not sell, rent, or trade your data to third parties.
- Our systems are designed to support your compliance with local and international data protection regulations.
5. Incident Response
In the highly unlikely event of a security incident, PlateauTec has a formal Incident Response Plan. Our protocol includes immediate threat containment, forensic analysis, service restoration, and transparent communication with affected stakeholders in accordance with regulatory requirements.
Reporting a Vulnerability
If you are a security researcher or a customer who has discovered a potential security vulnerability in any PlateauTec product or hardware, please report it immediately to our security team at:
security@plateautec.com