info-beamer hosted - keeping your screens safe
Secure by default
You don't have to be a security export to run a secure digital signage network using info-beamer hosted. We do the hard job for you. Everything our system does is secure by default: So there are no default password to connect to your devices and all data transferred to our service or your devices is always using TLS encrypted connections.
Two-factor-authentication
We support one time backup keys, TOTP-based one time passwords as well as FIDO2 compatible hardware tokens as optional second factor for all logins. You can enforce 2FA for users accessing a shared account.
ACL based account access and sharing
You can share access to your account or generate any number of API keys with full or limited access to your account. If you want, you can create custom rules that precisely control access to your account. Limit by IP range, time of the day and countless other properties and be sure that others (or your own API calls) can only access what's required for the job.
Locked down devices
Our custom operating system is optimized from the start to only run services required for digital signage. By default your device doesn't open up any services to your network and is basically completely invisible. Externally reachable services, like the optional ssh service must be explicitly enabled and even then are made as secure as possible - for ssh, for example, we don't allow password based logins.
Optional secure peer-to-peer content distribution
You can enable our optional secure content distribution feature that allows your devices to receive content faster by sharing it between devices within the same local network. Of course transfer of content between your devices is then also fully encrypted. This feature is completely optional and you can enable it with the click of a button for each of your devices.
A safe website
We follow all the best practices running our service and its website. This includes a firewalled system and tight control over what we include on our website. For example we don't have external JavaScript at all except those required by our payment service provider - So there's no analytics, ad trackers or other garbage included anywhere.
When you visit our website or use our digital signage dashboard your connection to our service is always using encryption. We even enforce this so you never accidentally connect to our service with an unencrypted connection. Your devices also only ever contact our service using an encrypted connection.
Of course our API is also only reachable using https to ensure that API keys cannot be stolen.
Sandboxed device services
Your devices can run additional code next to the code that controls the visual output - for example code that contacts a twitter API or weather service. We sandbox this code on each of your devices to prevent it from accidentally causing harm to your devices.
Cryptographically verified content
All content transferred to your devices, be it images, videos or the code that controls what's on the screen, is always cryptographically verified by your devices. They will detect and prevent incomplete content from ever being used on a device.
Secure payment
We rely on stripe.com as well as paddle.com for securely handling payments from all over the world.