๐Ÿ“„ Site Architecture & Security
Sign in

Site Architecture & Security


๐Ÿ’ก

Unverified Users and/or account access will lock after 5 unsuccessful login attempts.

A browser session will time out (force log out) after 15 minutes of inactivity.


Jump to:

Site Architecture & SecurityWeb Application DefaultsProtocolsFacility Hierarchy




Web Application Defaults

The Mirador Insights application is web-based and has no download requirements, OS dependencies or platform requirements. For the best experience:

  • Our preferred browser is Chrome, though Insights will operate within Firefox, Edge or Safari.
  • Microsoft Internet Explorer is not supported
  • We recommend turning on โ€œauto updateโ€ for your browser of choice to ensure optimal performance
  • Mirador technical support can assist with issues related to the current and previous versions of a standard browser. Earlier versions are not supported, as functionality may vary



Protocols

Application data is hosted under AWS (Amazon Web Services) and therefore uses the following baseline protocols:

  • TLS 1.2 or higher (Certificates of SSL/TSL)
  • FTP & SSH file transfers and code deployments
  • Standardized AWS network firewalls
  • All backend interactions, whether by Dispenser or WebApp, use industry standard HTTPS (secure HTTP) and data in transit is encrypted.
  • Dispenser uses industry standard WPA2/WPA3 (Wi-Fi Protected Access) to establish the Wi-Fi connection
  • Dispenser uses HTTPS (TCP port 443) for backend transactions and SNTP (Simple Network Time Protocol) (UDP port 123) for time sync
  • There are no services/daemons running on the Dispenser to allow remote access (e.g., like a remote shell)
  • WebApp has a login mechanism with session timeout to protect against unauthorized access

 

To note:

  • There is no place in the WebApp nor backend where a client SSID or network password is unencrypted, and
  • Our solution (i.e., WebApp, dispensers, and backend datastore) does not transmit or store PHI.



Facility Hierarchy

Many of the fields within Insights have been configured by our Client Services team during onboarding, and will be available โ€œout the boxโ€ when you first log in, such as:

  • Organizations
  • Locations
  • Departments
  • Staff User Roles and Permissions
  • BLE Tags
  • Dispensers
  • Dispenser Groups (Rooms)

 

Access to data within Insights is tied to User permissions, specifically to which Organization(s) an administrator or supervisor has been assigned. Please reach out to Support if any of these fields require modification. 

 

Please reach out to Support should you have questions or additional security documentation needs.