Security and Trust at EasySignage
Last updated: January 2026
This page explains how EasySignage protects customer data, secures digital signage networks, and maintains platform reliability at scale.
EasySignage is built with security, privacy, and operational trust at its core.
Security is not an add-on; it is embedded into every layer of the EasySignage platform, from infrastructure and application design to monitoring, compliance, and operational practices.
Platform Security Overview
EasySignage is a secure, cloud-based digital signage platform designed for education institutions, enterprises, retail networks, hospitality venues, healthcare environments, DOOH operators, and government deployments.
Security controls are applied across infrastructure, application access, content delivery, and data handling.
Core security principles applied across the platform include:
- Secure-by-design cloud architecture
- Least-privilege access control
- End-to-end encrypted communication
- Privacy-first analytics
- Continuous monitoring and auditability
- Transparent and responsible data practices
These principles ensure confidentiality, integrity, and availability across large, distributed screen networks.
Secure by Design Architecture
Cloud-Native Infrastructure
EasySignage is built on Google Cloud Platform (GCP) using a cloud-native, serverless architecture.
This approach:
- Eliminates risks associated with traditional server management
- Reduces the platform attack surface
- Inherits Google’s globally hardened security infrastructure
- Provides built-in resilience, scalability, and redundancy
Encryption at Rest
All stored data, including customer content, configuration data, metadata, and databases, is encrypted at rest using industry-standard AES-256 encryption.
Encryption In Transit
- All data transfers are protected using TLS/SSL (256-bit encryption).
- Communication between media players, screens, APIs, and cloud services is always encrypted using HTTPS / TLS 1.2 or higher.
Data Protection Across the Platform
Customer content and configuration data are protected through encryption both in transit and at rest across the EasySignage platform, helping prevent unauthorised access during storage, transmission, and processing.
Multi-Tenant Architecture
EasySignage is a multi-tenant platform designed with strict logical isolation.
Each customer account is fully separated, so users can only access:
- Their own screens
- Their own playlists
- Their own media
- Their own analytics
There is no cross-account visibility or access.
Data Protection & Privacy
No PII Storage
EasySignage does not store Personally Identifiable Information (PII).
User identities (email accounts) are managed through Google identity services
EasySignage uses industry-standard authentication and access controls designed to support secure deployments in regulated environments, aligned with widely accepted security and data-protection practices commonly associated with regulations such as GDPR.
No customer passwords are stored in plain text
Audience Analytics Privacy
AI-powered audience analytics are designed with privacy-first principles:
- No facial images are stored
- No personal identities are collected
- Analytics operate only on aggregated, non-identifiable data
- Insights are used solely for content performance and targeting logic
- Never use customer data to train public or external AI models
- Respect account isolation and permission controls
Data Ownership
Customers retain full ownership of all content, media, playlists, schedules, analytics and account data stored within EasySignage.
EasySignage:
- Does not sell customer data
- Does not share customer data with advertisers
- Does not use customer data to train public or third-party AI models
Customer data is used solely to provide and operate the EasySignage service.
Cloudflare Security Edge
EasySignage integrates Cloudflare’s global edge security platform to enhance protection, performance, and availability.
Network & Edge Protection
- Always-on DDoS Mitigation: Malicious traffic is absorbed at the edge before reaching the EasySignage servers.
- Global CDN and Load Balancing: Fast, reliable content delivery worldwide.
- Rate Limiting and Country Locking: Protection from abusive or high-risk traffic.
- Automatic Static Content Caching: Improved speed and origin server protection.
- Fast Anycast DNS: Optimised DNS resolution with Cloudflare’s Anycast network.
Secure Connections
- End-to-End SSL/TLS Encryption (256-bit): Secure connections are enforced across all layers between users, devices, and services.
Vulnerability Management
EasySignage proactively manages security risks through continuous automated vulnerability scanning.
Compliance and Standards Alignment
EasySignage operates on Google Cloud Platform (GCP), which maintains certifications against globally recognised security and compliance frameworks. EasySignage aligns its security controls and operational practices with widely accepted standards to support deployments in regulated and security-conscious environments.
Cloud infrastructure certifications (via Google Cloud):
- ISO/IEC 27001 – Information Security Management Systems
- SOC 2 – Security and availability controls
- PCI DSS – Secure handling of payment-related data
- CSA STAR – Cloud Security Alliance assurance
Data protection and regulatory alignment:
- GDPR – Data protection and privacy principles for EU residents
- HIPAA – Support for healthcare environments through security and privacy safeguards
All customer content and platform services benefit from Google Cloud’s certified infrastructure and security controls. EasySignage complements this with internal governance, access controls, encryption, and responsible operational practices.
EasySignage does not claim independent certification against these standards unless explicitly stated.
For more information:
Billing and Payments
- Subscription billing is handled by Stripe, a PCI DSS–compliant payment processor
- EasySignage does not store customer payment card details
Secure Player and Device Authentication
Media players and devices authenticate securely to the EasySignage platform using unique, temporary authentication tokens issued by the EasySignage cloud.
- Each player is authenticated individually
- Tokens restrict access to authorised resources only
- Tokens are rotated and scoped to prevent misuse
- Compromised tokens cannot be reused to access unrelated systems
This ensures that only approved screens and devices can receive and display content. Unauthorised devices cannot access customer content or systems.
Authentication and Access Control
EasySignage provides layered access control to protect accounts and screen networks.
- Secure login authentication for all users
- Role-Based Access Control (RBAC) for granular permissions
- Multi-user account support
- Account-level permissions for screens, playlists, and campaigns
- Optional Single Sign-On (SSO) via Google Identity
- Support for Multi-Factor Authentication (MFA) and OAuth 2.0
Administrators can control exactly who can:
- View content
- Edit playlists
- Publish to screens
- Manage users
- Access analytics
Users can only access data and screens that are explicitly relevant to their role.
Customer Security Controls
Customers can manage their own security settings including:
- User roles and permissions
- Screen and content access restrictions
- Publishing and approval controls
- API keys and access tokens
This allows organizations to enforce their own internal security and governance policies.
Application Security
At the application level, EasySignage implements industry best practices:
- Web Application Firewall (WAF) provided by Cloudflare to filter malicious requests
- Strict Access Control with role-based permissions at the user and team levels
- Authentication via Google Cloud Identity supports MFA (multi-factor authentication) and OAuth 2.0
- Security Headers including HSTS, CSP, and X-Frame-Options to protect against XSS, clickjacking, and injection attacks
- Rate Limiting and Session Management guard against brute-force attacks and credential stuffing.
All backend services run on hardened cloud infrastructure with least-privilege access controls.
Platform and Infrastructure Resilience
EasySignage infrastructure is designed for high availability and reliability:
- Globally distributed cloud hosting
- Redundant systems to minimise downtime
- Automated backups for critical system data
- Continuous platform health and performance monitoring
This architecture supports stable operation even across extensive screen deployments.
Software Updates and Patch Management
Security and stability improvements are continuously delivered:
- Regular platform updates
- Automatic player updates
- Rapid patching of identified vulnerabilities
- Secure development and release processes
Customers benefit from the latest security enhancements without manual intervention.
Third-Party Integrations and APIs
EasySignage uses trusted enterprise providers including:
- Google Cloud Platform
- Firebase
- Cloudflare
- Stripe (payments)
These providers maintain their own security certifications and compliance programs.
EasySignage integrates securely with trusted platforms such as:
- Canva
- Google Workspace
- Google Sheets
- Tableau
Security measures include:
- Authenticated, permission-based API access
- No exposure of customer credentials on screens
- Secure rendering of external data within the EasySignage player
Continuous Monitoring and Auditing
Security is continuously monitored and reviewed:
- Intrusion detection via Cloudflare and GCP logging
- Automated threat intelligence feeds
- Comprehensive audit trails for logins and content changes
- Regular independent security audits and penetration tests
Support and Security Reporting
Security-related questions or concerns can be reported through our official support:
Trust Commitment
EasySignage is committed to delivering a secure, reliable, and transparent digital signage platform.
Security, privacy, and trust are continuously reviewed as the platform evolves to support new technologies, integrations, and customer needs, so organisations can confidently deploy and scale their digital signage networks.