Features

Security

Hardened and no side-loading of data.

System

  • Hardened operating system with minimal and restricted install
  • Hardened web server installation, including TLS configuration
  • Automatic patching and update mechanism of OS, software packages and applications to implement an evergreen solution
  • Digitally signed program packages from sysctl
  • No sideloading or mashup of data, or program code
  • Source code available for assessment and review for customers
  • HSTS (HTTP Strict Transport Security) to force use of always encrypted HTTPS traffic
  • Support for CSP (Content Security Policy)
  • Web part is designed and implemented with support for CSRF (Cross Source Reference Forging) protection
  • Web part is designed and implemented with several layers of input data validation
  • No usage of database in back-end to simplify solution and minimize attack surface
  • Massive logging on activities in the appliance

Files

  • Files are virus scanned with multiple antivirus scanners
  • Timestamps can be preserved

Authentication

  • Authentication and authorization to ICC server
  • Every station use their own credential to get and push data from ICC
  • Control of password complexity

Technical

Mature technology and standards.

  • Built using mature technology: Linux, Apache, Python, Perl
  • Built for Internet standards: TLS, HTTP, SMTP, NTP
  • Using well documented API
  • Seccomp-bpf
  • Hardened SElinux policy enforcing all processes
  • USB devices is mount with readonly
  • Stations use top of the art technology to isolate the kiosk solution

Usability

User-friendly from the core and on.

  • Simple and easy user interface
  • Several modes - scan only, scan and transfer, format device
  • Real time progress with information during every step
  • Possibility to transfer very large files (many gigabytes)
  • Support for multiple(14) languages (english, swedish, finnish, estonian, german, spanish, arabic etc)
  • Scan reports can be sent by email
  • Possible to have a printer for physical receipt

Features

Whitelisting of devices

Blacklisting of devices

Notifications when stations is offline

No internet access for stations

No cloud or CDN access needed

No files

ActiveDirectory intergration

SAML support

Support for TSP (Time stamp protocol) for cryptographically timestamped audit trails that a certain file passed a certain time

Enhanced statistics and administration pages

Additional languages supported

Additional Authentication Methods

Interested in Impex?