We have given special attention to all aspects of FRI3D, ensuring that everything throughout its operation is as secure as possible. FRI3D has been designed with operational security in mind and data privacy . Your data stays private in your databases maintained by you and in your servers.
Table of Contents
FRI3D doesnt collect any data or store any data which is not relevant to the fire analysis . All the data from the analysis and various plant information , 3D models etc are stored in your systems either on your local machine or your networked storage. That is determined by you.
It doesnt access any data or any resources from the internet . It doesnt even need an active internet connection on the computer its running on . The license server can be installed locally on the host machine and doesnt need access to any global data stored elsewhere.
Even if FRI3D connects to your plant database or fire database server server, or read your application log file to collect raw data, the product of this data collection process is always a number of chart metadata and metric values (summarized data for dashboard visualization). The raw data collected by FRI3D, do not leave the host they are collected.
This means that FRI3D can safely be used in environments that require the highest level of data isolation
We are very proud that the FRI3D runs as a normal system user, without any special privileges. This is quite an achievement for a monitoring system that collects all kinds of system and application metrics.
FRI3D is an fire analysis system. It should be protected, the same way you protect all your apps. We assume FRI3D will be installed privately, for your eyes only.
If a rogue attack does compromise your system , FRI3D's database would need to be protected. The easiest way is to store the database in an encrypted disk or employ means of data security from the IT department. FRI3D doesnt run as a service therefore is not constantly accessing the database, it exits and frees up all resouces if the FRI3D application/UI is not running. The running FRI3D appears under
Applications and task manager, the disks of the system and their names, the user accounts of the system that are running processes (the
User Groups section of the dashboard), the network interfaces and their names (not the IPs) and detailed information can be gathered by process monitoring systems.
This information is not sensitive, but it is important for possible attackers. It will give them clues on what to check, what to try and in the case of DDoS against your applications, they will know if they are doing it right or not.
FRI3D is a localized application. But its likely you will have many installations of it.
Until we add a distributed authentication method to Netdata, you have the following options:
If your organisation has a private administration and management LAN, you can install VPN and expose FRI3D to only the local network. ``