To cloud or not to cloud — navigating security challenges

To cloud or not to cloud — navigating security challenges

Over the last few weeks, our team has participated in the HSE Excellence Forum in Amsterdam and the Health and Safety event in Birmingham. I always enjoy events as they present opportunities to speak with global customers and prospects, and we always gain huge insight into their evolving needs. This time, what struck me was just how prevalent the conversation around security and data privacy continues to be.

Understandably, they are at the forefront of every organisation’s thoughts. Whether it’s compliance and regulatory requirements, data governance, personal privacy, or protecting against cyberattacks, companies are grappling with safeguarding their organisations. Perhaps there’s heightened awareness because much of the world seems in flux on multiple fronts, including increased cyber threats, data leaks, geopolitical tensions and more. 

As the Founder and CEO of a growing business, I am all too familiar with these challenges. But, as a service provider committed to protecting the well-being of our customers’ workforces through data, we must continue to place security and data privacy at the core of our offer.

Our commitment to security

Our smart safety solution relies on collecting and analysing physiological and geolocation data to deliver real-time alerts that help prevent workplace incidents. Over time, actionable insights identify trends, improving safety practices and enhancing productivity. 

We work hard to encrypt data at every stage, anonymise personal information, use the latest industry standards and comply with regulations. As an organisation, we continuously monitor and improve all our policies, procedures, and IT infrastructure to ensure the company adheres to the highest industry standards. And we never share any of our – or customers’ – data with third parties (except as necessary to provide our services in accordance with our privacy policy).

The power of the cloud

For the most part, Bodytrak® runs in the cloud. And, for most customers, it’s the ideal solution as they can make use of all of our services. Indeed, 91% of businesses rely on the cloud for at least some services.

Bodytrak uses the Microsoft Azure cloud platform to enable the real-time alert system between an individual and remote supervisor. The Azure platform also hosts Bodytrak’s data analytics and machine learning frameworks, which provide a comprehensive and powerful cloud capability for remotely monitoring worker well-being in real-time.

Microsoft Azure is trusted by big names like Bosch, Experian, AXA, PWC, KPMG and Investec to name a few. Its industry-standard encryption protocols mean our offering gets unparalleled security, reliability, and scalability. 

Using industry-standard protocols, we secure data by encrypting systems and data end-to-end (at rest on the device, in transit, and in the cloud). We take a proactive approach to data security, automate vulnerability scanning and deliver advanced, real-time threat detection to constantly identify and neutralise potential risks. 

Our cloud platform offers a whole host of benefits. It’s easy to use and cost-effective; customers don’t need to install any hardware or software since they access the platform securely via any web browser. Automatic over-the-air software updates and patches ensure seamless maintenance. Customers can also access all the Bodytrak functionality, including geolocation and real-time insights.

Cloud isn’t for everyone

We recognise that the cloud is not the right fit for every organisation. Global uncertainty and deglobalisation are fuelling a reevaluation of security protocols, while data and security regulations differ from nation to nation. 

In response to customer demand and global variation, we’ve developed two additional offerings — an on-premise or air-gapped solution and a completely offline model — to accommodate all security requirements.

On-prem or air-gapped

In light of renewed security concerns, some organisations are moving selected workloads back in-house. Indeed, recent research by Citrix found that 25% of UK organisations have shifted half or more of their cloud-based workloads to on-premise infrastructure. Of course, some of these workloads may not have been fit for cloud in the first place, but it does speak to a trend of heightened security concerns. 

So, we’ve launched an on-premise solution, where customers run our monitoring platform on their servers. They host, manage, and perform updates and maintenance, all as part of their own IT environment. It means they can adhere to their own security policies, which may require different encryption or security configurations. 

This option is particularly well-suited to our growing client base in the Middle East, for example, where there are more stringent regulations around running cloud-based services, data residency, and sovereign cloud requirements. Since Bodytrak is one of only a few wearable solutions that offer on-prem and ATEX/IECEx certifications, it is suitable for oil and gas environments requiring intrinsic safety. It is also often useful for utility plants, petrochemicals, oil rigs, and oil and gas centres that work in fixed locations and where supervisors operate a control room. 

However, some Bodytrak features rely on Internet protocols or satellite connectivity, which means that while customers can access a real-time dashboard and optional alert notifications, features like geolocation and instant messaging will be unavailable.

Going off-grid

We occasionally get requests for a completely offline version of Bodytrak. These come from highly secure industries such as defence, where they cannot use cloud or internet services at all and an on-premise solution may not be an option. 

Data is stored securely on the device as the wearer gets on with their tasks. In the event of a preset threshold being exceeded the user continues to receive audio prompts if they are at risk from heat stress or fatigue. While this information is not transmitted to the dashboard in real time, data can be collected at the end of a shift (when the device is returned to charge), enabling reporting and insights that identify trends to enhance health and safety practices over time. It’s important that users are trained to act if they receive audio alerts to remain safe and incident-free.

Empowering confidence and security

Our goal at Bodytrak is always to provide peace of mind to our customers. Whether you choose our cloud, on-premise, or offline solution, you can rest assured that your data is secure, your workforce is protected, and your organisation is empowered to improve their health and safety operations.

Written by Leon Marsh, Founder & CEO of Bodytrak (21 May 2024)

Latest News