Security

Connec2 Cloud connects only authorized users to content stored within an isolated virtual environment.
Below is an overview of the core software security and architecture principles that safeguard the platform.

Security measures summary

🔒 Transport Communication

• TLS 1.3 (SSL) for REST API traffic
• AES-GCM-256 for XR traffic (components, voice, and screenshare)
  • Optimized for performance in VR
  • Randomized, continuously changing keys during sessions

These protocols ensure that all communication between client and cloud remains encrypted, secure, and tamper-proof.

🔐 Encryption and Authentication

• Future-ready end-to-end encryption
  • Worlds can be password-protected
  • The same password can be used to encrypt event data
• Role-Based Access Control (RBAC) for fine-grained permissions
• Password Hashing:
  • bcrypt hash with salt for secure credential storage
• JWT Tokens:
  • Signed using HS512 algorithm for session validation and API access

🧩 Data and Deployment Isolation

• Database isolation per tenant / workspace
• Connec2 Cloud is available in two configurations:
  • Public Cloud (default) — hosted at TransIP in Amsterdam,
    ISO 27001:2013 certified
  • Private Cloud — on request, for local or dedicated deployments

Summary

Connec2 ensures privacy, data security, and performance across all layers—from transport encryption to workspace isolation.
By combining modern cryptography standards and cloud flexibility, users benefit from a platform that’s both secure and scalable for enterprise and educational use.