Security

Data security is of critical importance for Landel and for you. Security begins with the DataBug kiosk.

Data Encryption and Transmission

When data is collected by the DataBug kiosk it is saved in encrypted form. Once the data is safely transmitted to the Landel transfer point, it is decrypted and stored for you to retrieve using standard security protocols. When you retrieve your data, you will need a password that you can define and provide to Landel. If you wish, you can also lock down your password to an associated IP address, adding even more comfort. The retrieval process, or the transfer of data from the Landel transfer point to you or your systems, is accomplished using SSL, which is the same standard that enables the banking system and other secure sites to work. DataBug is therefore secure from one end to the other.

Privacy screens and panels

Privacy panels are vision barriers for computer-based kiosks that obscure displayed information on-screen when viewed at indirect angles. Security panels can also be placed on computer-based kiosks, on either side of the screen, to further ensure privacy. These are required on computer-based kiosks to ensure private information is not easily viewed on large touch screen monitors by simply looking over a respondent’s shoulder. The DataBug solution is easier and cheaper: just don’t use an over-sized screen if the task doesn’t require one. DataBug uses a small, private screen, which is more personal and difficult to view by anyone other than the respondent. Less can be more. It makes little sense to spend too much money on a computer-based kiosk with a big screen that isn’t needed, only to then spend additional money to ensure that on-lookers cannot use the big screen to view private information.

Keyboard filters

Computer-based kiosks often have expensive touch screen monitors for the sole purpose of enabling the use of virtual keyboards. The objective of the virtual (on-screen) keyboard is to provide a keyboard without specialty keys that can sometimes be used to gain access into unwanted areas. For the same reason, kiosks can also employ keyboard filtering, special software designed to disable specialty keys or prevent certain key combinations. The DataBug solution is easier and cheaper: just use a real keyboard that doesn’t have unwanted keys. Keys like F9 and ESC do not appear on the DataBug keyboard — it only has the keys it needs. Simpler solutions are usually better solutions — it is more effective to start with a simpler keyboard that has just the keys needed for the job. Less can be more. It makes little sense to spend too much money for a touch screen in order to make a reduced function keyboard, or to spend more money for special software to prevent the use of keys that shouldn’t even be there.

Computer-based kiosks often have security software that disables a user’s ability to open new windows or menus; and disables access to the operating system and the ability to escape the application program. The objective is to ensure that the kiosk can only be used for the purpose intended. The DataBug solution is easier and cheaper: just don’t even enable the kiosk to do anything other than what is intended. DataBug isn’t a computer. It has no common operating system that can be maliciously leveraged, its memory, processing and other resources are too limited to execute foreign (possibly malicious) code, there are no menu systems, there are no other applications beyond the employment application task at hand. Less can be more. It makes little sense to spend too much money in order to install a kiosk that is more powerful than you need, only to spend even more money trying to limit that power.

Browser lockdown and domain blocking

These two, for computer based kiosks, allow kiosk managers to enable access to whatever browser-based applications they wish, while preventing users from reaching the Internet at large, local or external operating systems, local or external files, desktop, browser menu, or systems settings; prevents overwriting or downloading files. The DataBug solution is easier and cheaper: don’t use a browser, don’t enable access directly to the Internet or to an Intranet, and never let it be connected to your other systems. DataBug captures and transmits data via direct connect or Internet, but it cannot broadly access the Internet, has no browser, and has NO direct connection to any customer systems and therefore cannot be used as an entry point into them. Risk management is not part of the direct business case, but it should be. Do a search for the TJX Effect to see why. Does “a security-hardened Microsoft IE browser” really exist? Less can be more. It makes little sense to spend too much money to install a kiosk that is too powerful, only to spend more money to limit the risk that power poses.

Data and device theft

DataBug is designed to NOT be a computer. One of the many reasons is that computers have the capability of storing a great deal of information, which is still there and still recoverable long after it has been ‘deleted’. DataBug doesn’t expose you to that kind of long term risk. DataBug only holds limited data, by design, because it is meant to be a temporary store. Data is created, stored temporarily, transferred, then deleted. The same is true for the Landel transfer point. It is not meant to be a data store, but merely a short term transfer point. The only place your data is kept long term, by design, is in your systems, when under your careful and personal control. Everything else is meant to be short term. There is always a risk that a device will be stolen in order to get the data inside, especially a computer-based device that might have a lot of data inside. Some thieves want the data, others just want the device itself, and this is an increasing problem due to the introduction of computer tablets. The DataBug solution is simple: don’t use a device with a hard drive that can be re-tasked, don’t use a device with a large memory, don’t use a device that is commonly and easily understood by thieves, and don’t use a device that thieves see value in stealing.