Security
Samsara’s mission is to bring the benefits of sensor data to the organizations that drive our economy and to improve the efficiency, safety, and sustainability of their operations.
Samsara products are built from the ground up with security and privacy in mind. Given the large amounts of data our system generates, we hold data security to the highest standards. Samsara’s world-class security program centers on the concept of defense in depth: securing our organization, and your organization’s data, at multiple layers. All aspects of Samsara’s service, from its patented technology architecture to built-in security tools for administrators to ongoing monitoring and risk mitigation, are designed for security and reliability by seasoned industry experts with extensive experience building secure technology systems.
Highlights
- TLS 1.2 protocol, AES-256 encryption
- Always protected with over-the-air patches
- Validated by third-party audits
- Robust end-user security tools
- Redundant hosted software service
Security in Depth
Hardened Cloud Infrastructure
Samsara’s cloud-hosted infrastructure is designed and managed in alignment with the best practices of multiple IT security standards. Samsara’s underlying infrastructure leverages Amazon AWS, which is ISO 27001 and SOC 1 Type II certified, and is rated as the leader in cloud security by research firm Forrester.
Network devices, including firewalls and other boundary devices, are in place to monitor and control communications at the external boundary of the network and at key internal boundaries within the network. These boundary devices employ rule sets, access control lists (ACLs), and configurations to enforce the flow of information to specific information system services.
ACLs, or traffic flow policies, are established on each managed interface to manage and enforce the flow of traffic.
Samsara is built on a secure multi-tenant cloud architecture with logical data separation. Customer data is logically separated across distributed databases with required authentication checks for every application-layer and data-layer access made to any tenant's data. The logical separation ensures that data is always associated with exactly one customer, and required authentication checks at the application and data layers ensure that data is completely isolated by customer and accounts provisioned for that customer.
Samsara employs a Virtual Private Cloud to provide resource isolation and minimize attack surface area. Samsara services are protected by IP- and port-based firewalls. Administrative access to Samsara’s infrastructure is highly restricted, and verified by public key (RSA). Distributed Denial of Service (DDoS) attacks are mitigated with elastic load balancing and highly available DNS services.
When a storage device containing customer data has reached the end of its useful life, procedures include a decommissioning process that is designed to prevent customer data from being exposed to unauthorized individuals. Techniques detailed in DoD 5220.22-M (“National Industrial Security Program Operating Manual”) or NIST 800-88 (“Guidelines for Media Sanitization”) are used to destroy data as part of the decommissioning process. All decommissioned magnetic storage devices are degaussed and physically destroyed in accordance with industry-standard practices.
Physical Device Protections
Samsara recognizes the importance of securing your data from the device to the dashboard. Our gateways are designed and tested to prevent unauthorized access and interference, including through the following safeguards:
Command Safe List
Samsara’s gateways allow only a pre-approved list of commands to be sent to the vehicle, blocking malicious or otherwise unwanted commands.
Hardware-Level Verification
Samsara gateways won’t operate if someone remotely tries to run malicious code on them: they use built-in asymmetric cryptographic digital signatures, verified with a public key, together with on-device tamper protections.
Penetration Tests
Samsara includes its gateways as part of its annual penetration tests and triages, prioritizes, and remedies the results of those tests in a timely and appropriate manner.
No Default Passwords or Debug Modes
Samsara never ships vehicle gateways with standard passwords and disables all debug interfaces, preventing unauthorized access to or discovery of information about the state of the device through IoT search engines or similar methods.
Encryption
Data in Transit
Samsara uses the latest recommended secure protocols to secure traffic in transit, including TLS 1.2, AES-256 encryption, and signatures.
Data at Rest
Data at rest in Samsara’s production network is encrypted using FIPS 140-2 compliant encryption standards. This applies to data at rest within Samsara’s systems: relational databases, file stores, backups, etc. All encryption keys are stored in an industry-standard, secure system based on AWS’s Key Management Service. Samsara has implemented appropriate safeguards to protect the creation, storage, retrieval, and destruction of secrets such as encryption keys and service account credentials.
Secure Dashboard
Viewing your Connected Operations in the Samsara cloud via the dashboard, Samsara mobile apps, and API requires secure, TLS-encrypted connections for all application traffic.
SOC 2® Reporting
The System and Organization Controls (SOC 2) is an industry-recognized attestation report given to a company after an audit of the company’s internal practices. Our report describes the controls and processes Samsara has in place to secure customer data and to ensure availability of our system. Samsara's SOC 2 Type 1 report includes a description of our software infrastructure and the processes we have in place to keep our customers’ data safe and available. Some of the processes covered in our report are employee on-boarding and termination processes; internal access controls to production environments; and disaster recovery, data backup, and incident response processes. Samsara’s SOC 2 Type 1 report was provided by Schellman & Company, a licensed and independent certified public accountant firm. If you’re a current or prospective Samsara customer and wish to view the report, you can request a copy from your account representative.
Backups
Samsara performs regular backups of customer data. Alerting is configured to let internal staff know of backup failures to ensure timely remediation. Internal staff also performs backup restoration tests regularly to verify the integrity of the backup data.
Vendor Management
To run efficiently, Samsara relies on sub-service organizations. Where those sub-service organizations may impact the security of Samsara’s production environment, we take appropriate steps to ensure our security posture is maintained by establishing agreements that require service organizations to adhere to confidentiality commitments we have made to users. Samsara monitors the effective operation of the organization’s safeguards by conducting reviews of all service organizations’ controls before use and at least annually.
Security Tools for Administrators
Samsara provides administrative tools to protect your organization's data, including user management with email verification, authentication audit logs, and two-factor authentication. Moreover, Samsara enforces robust user authentication, with data access requiring authentication via Samsara's centralized server (no default passwords or shared secrets).
24x7x365 Monitoring
Penetration Testing
In addition to our compliance audits, Samsara engages independent entities to conduct application-level, infrastructure-level, and hardware-level penetration tests at least annually. Results of these tests are shared with senior management and are triaged, prioritized, and remediated in a timely manner. Customers may receive executive summaries of these activities by requesting them from their account executive.
Customer Driven Audits and Penetration Tests
Our customers are welcome to perform their own security testing on Samsara’s environment. Please contact your account executive to learn about options for scheduling either of these activities.
Bug Bounty Program
Samsara highly values and encourages a close relationship with security researchers. The work done by the security community improves the security of our product offerings and we encourage their participation in our responsible reporting process. To administer the bug bounty program, Samsara works with Bugcrowd.
Redundant, Highly Available Infrastructure
Samsara’s service is a distributed system designed to spread computation and data across multiple physical servers. Every customer’s data is replicated across multiple servers and storage appliances, so that hardware failure will not compromise service availability or customer data. Networks are multi-homed across a number of providers to achieve Internet access diversity.
Data centers are equipped with advanced fire detection and suppression equipment, including protection by either wet-pipe, double-interlocked pre-action, or gaseous sprinkler systems. The data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day, seven days a week. Uninterruptible Power Supply (UPS) units provide back-up power in the event of an electrical failure for critical and essential loads in the facility. Data centers use generators to provide back-up power for the entire facility.
Climate control is required to maintain a constant operating temperature for servers and other hardware, which prevents overheating and reduces the possibility of service outages. Data centers are conditioned to maintain atmospheric conditions at optimal levels. Personnel and systems monitor and control temperature and humidity at appropriate levels.
Samsara is designed for rapid failover in the event of a hardware failure or natural disaster. Samsara sensors and gateways are also equipped with on-board storage to save data locally in the event of a cloud service interruption, and will automatically upload buffered data upon service resumption.
Security Tools for Administrators
Samsara provides administrative tools to protect your organization’s data, including user management with email verification, authentication audit logs, and two-factor authentication (via Google Apps). Moreover, Samsara enforces robust user authentication, with data access requiring authentication via Samsara’s centralized server (no default passwords or shared secrets).
Internally, Samsara authorizes access to Customer Data based on the principles of least privilege and segregation of duties. Samsara uses role-based access privileges to assign access to key systems. In order to access the production environment, an authorized Samsara user must have a unique username and password, multi-factor authentication, and be connected to Samsara's Virtual Private Network. Access is automatically deprovisioned for employees switching roles or leaving the company. Samsara uses a log monitoring system to track events for crucial systems in order to identify anomalous or unauthorized login, configuration, or security-group management events quickly.