10 Jun 2018

Security of Joan servers: minimum data, maximum safety

From managing office logistics to virtual traffic signs, e-paper technology is spearheading the future of scheduling systems, and we’re proud to say Joan represents the very tip of that spear.

But with various security flaws emerging in certain competing meeting rooms booking products, it is more than understandable that there has been some concern lately about the level of data security our solutions provide. After all, our devices are on your front lines, and security simply has to take top priority. Without it, any groundbreaking innovation remains nothing but a great idea.

By growing the latest thin client ecosystem, we’re able to guarantee our customers the most durable and safest solutions currently on offer. As discussed in the previous post on the security performance of Joan devices, our unofficial motto reads: less is more. Hinting of course at the negligible amount of information stored on each device. Ergo, nothing to steal or manipulate. Now it’s time to shift our attention to the true bearer of this responsibility – the server.

While Joan sits comfortably on the door or wall of your office helping take care of business, the server, located far away, is actually the one doing all the work. A very diligent master, if you will. Having the brains of the operations somewhere else is the main advantage of this kind of ecosystem, but does the simplicity and elegance of its endpoints in anyway compromise the server’s security and consequently the privacy of their users?

No. Why? Because we purposely shy away from storing any additional client data on our servers. Data processing is limited to the sole amount needed for our devices to function. Nothing more. Basically, for Joan to have all her cards on the table, the server acts as a cunning croupier, dealing out only that which is absolutely necessary for us to see and use. But please, don’t believe these fancy analogies, believe in the science behind them.

When you approach Joan and tap on its screen to reserve a meeting room clicks are sent up to a smart server, which then in turn pushes images down onto the device. Our servers also refrain from using built-in calendars; all they require is momentary access to users’ basic scheduling information, which then travels back via the same channel. So whatever you see printed on the device has been prepared (optimized, compressed, etc.) on the server (cloud).

Although it goes without saying that our customers’ servers still have to be accessed in order for Joan to do its job, a displayed calendar, for instance, is the result of the minimum data needed to be fetched. No useful data is compiled that could appeal to hackers. Thus, whatever little data you do entrust us with is literally ‘worthless’ in the first place.

Therefore, the famous phrase “if you’re not paying for the product, you are the product” carries no weight whatsoever. What you pay for ends with Joan: flexible installation, an incredibly long battery life and the ability to organize your office spaces and meeting rooms without worrying about any security breaches.

It’s not surprising that major organizations in both the private and public sector, from universities to hospitals, from military facilities to banks, are looking toward thin client technology solutions, not just because of their functionality, but foremost because they provide incomparably better data monitoring, or in our case, the option of storing virtually no data at all.