Introduction
Rubix is committed to protecting the security of all forms of information (written, spoken and digital) used in our business activities, during all steps of the information life cycle: creation, storage, usage, communication and deletion. We have implemented appropriate security solutions in accordance with best business practice in our sector. We regularly audit and monitor the functionality of implemented security solutions.
Below are the frequently asked questions we receive in relation to data and how we secure and handle it.
What is the minimum data required for Rubix to deploy a vending solution ?
In addition to the products and quantities, we typically ask for the following data from a customer;
- User data
- Cost centre/department for each user (optional)
What level of user data does Rubix require in order to provide a vending solution?
We require a users first name & last name, although, these are optional as all we really require is a way for the customer to identify their user in the reports we provide e.g. an employee number or similar.
What level of user data does Rubix require in order to provide the customer Portal?
Access to the customer portal requires the user to sign up using a token provided. The token is sent to the user by e-mail and the user then creates their own password, which cannot be viewed by anyone at Rubix.
Typically a user must provide the following on sign-up: First name, last name, e-mail address and Job title however, this data is not stored on the vending machine.
Where does the data reside?
Data is stored locally on each vending machine and centrally in the Rubix cloud. This architecture allows the vending machine to operate even if it is disconnected from the internet. On each side, the data is stored in a SQL database and is encrypted both at rest and during transit, using the latest cryptographic algorithms.
How is data transferred between the machine and server ?
Data is synchronised between the vending machine and the cloud server after each user session has completed or every hour (whichever is soonest). Connections are initiated by the vending machine, which means we cannot push anything inbound to the machine until the machine makes the securely encrypted outbound connection first.
Who has access to the data ?
Only designated Rubix staff and customers can access the data. We do not use any third party’s to handle or process any of our vending solution data.
What technical measures are in place in regards to data security ?
- Endpoint Detection and Response (EDR): All elements of the solution from cloud services to vending machines out on customer sites are protected by real-time EDR software, which is updated at approximately 10-20 minute intervals (if updates are available). OS and database vendor patches are applied weekly (web tier) and quarterly (database tier) except in the case of urgent security updates which may be applied immediately (subject to the internal change control and review). Our machines currently run a mixture of Sentinel One and Microsoft Defender EDR. Please speak to your local Rubix contact for confirmation of which service will be running on your machine(s).
- High-availability, highly-resilient database architecture: Our cloud databases and web services are configured such that we always have a fully up-to-date/synchronised replica waiting in another zone within the same region. These can be switched on seamlessly, should an outage occur.
- Back-end services: The entire back-end environment is hosted behind an application gateway layer using end-to-end encryption. The gateway acts as the public endpoint and handles all connections to the back-end services. The gateway has a Web Application Firewall capability, which is monitoring all traffic traversing through it and rules are in place to actively block any non-standard/suspicions activity. The gateway only accepts https connections using SSL certification. The back-end servers accept connections from registered vending machines and internally recognised services only. Remote access to these servers is allowed from within the Rubix network only, as they do not have a publicly exposed endpoints. Those remote connections have to be made using a ‘just-in-time’ access method whereby the ports required for remote access are enabled by an admin several seconds before a remote connection is made and then closed automatically after. Rules are in place to only accept connections from pre-approved IP addresses that automatically expire at designated intervals. Access from the web/app server to the internally hosted SQL database is restricted to connections on database ports only and only senior group level admins can access the database directly, using their Rubix accounts which require secondary MFA and again, only allowed from within the Rubix network.
This architecture also means that we can achieve 99.9% system availability (excl scheduled maintenance, which will be announced ahead of time and when required).
- Our Team: Rubix administrators are subject to confidentiality obligations contained in contracts of employment. Access to applications and data is limited to members of the support teams both centrally in the UK and locally in-country. Those users cannot access the system without first authenticating using their unique user ID and Password. Users that can log in to the system are assigned specific security access rights to allow them to do specific tasks relating to their role only, and with exception of high-level system administrators at group level, visibility of all data to view, edit and delete is restricted. The vending software applications employ a tiered Access Control List (ACL) model and role-based access control is employed throughout, with the principle of least-privilege being applied. This is to ensure users are assigned only the minimal right necessary to perform required activities. The vending application uses credentials which restrict it to read/write access of its own Dev, Test/UAT and Production database only. Rubix group authorised administrators have various system alerts in place that trigger upon specific unauthorized activity on the database. Rubix group IT also maintain security logs of all access to the servers by both network IP and logon credentials.
What kind of physical security is in place ?
Vending machine: Touch screen computers are secured in a metal housing accessible by lock and key. This ensures that the keyboard and USB ports are not accessible externally. No other data access ports are available externally on the machines. USB drives cannot be read from if plugged into the PC without an administrator password. The user logged into the windows session cannot browse OS file systems/folders or use the internet browser to access the internet without an administrator password.
Cloud Services: Cloud datacentres are protected against unauthorised access through a range of physical barriers including gate control entry via intercom security. Reception areas are manned and have controlled physical access. The premises are monitored by CCTV. Access is restricted to authorised visitors only. Visitors are only allowed pre-arranged access to the data centre. An entry request for specific dates and times must be raised ahead of time and registered with the data centre operator. When access is approved, QR code authority is sent to the visitor. Once at site, entry is only granted with a valid QR code and photographic ID. On site access is controlled at all doors using registered visitor access cards with a correct pin.
Is my data kept separate from other customers data ?
Data from each vending machine is synchronised to a single central database. The database architecture has been designed so that all data is segregated by country and customer. The front end applications utilise a country and customer based filtering method, whereby users who are granted access to a particular country or customer can only see the data within the scope of their access.
Will I be able to view and manage my data ?
Yes. We provide customers with the ability to manage access to their vending machines via a dedicated customer portal.
What kind of data is tracked ?
All transactional data is stored and synchronised to the central server such as what was taken, by whom and when. Both Rubix and customer administrators can view this activity via reports available in the portal.
How long is personal data stored ?
User data is stored for as long as we provide the service to the customer. Transactional data is stored for a rolling two year period after the transaction has occurred, after such time it is automatically deleted from the system. In the past, Rubix has been approached by customers to provide information on certain users and their vending activities, for example; if a user claims to have not been given the appropriate item to safely perform their task, Rubix could be asked to provide evidence of this to the customer. User data can be deleted before the two years (for example, a user has left the customer and no longer wants their name in our system) by making a request to your Rubix contact in writing (e.g. e-mail), at which point we will delete their account data. Any transactions conducted would remain for the two years however, only the user id would be visible as their name would have been deleted.
Further information about data protection and privacy can be found within the privacy pages of our company website
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article