PubNub Security

Developers are shifting from building realtime, data streaming applications with three-tier architectures, which aren’t inherently fit for scaling or securing data streams, to using data streaming networks, which provide these essential needs out of the box.

PubNub has security measures at the network, message, channel, user, and key level, spanning multiple categories:

• Legislative: PubNub is HIPAA compliant, ensuring all legal requirements are met for transporting medical data. PubNub is also EU-US Privacy Shield compliant and supports geographical limitations on where messages are stored.
• Attack Prevention: No inbound open ports are required as all connections to PubNub is outbound from the client. Additionally, PubNub has intelligent data center routing in place to thwart any regional attacks.
• Encryption: Point-to-point network TLS encryption and end-to-end message AES encryption
• Authorization: Granular read and write access control with optional TTLs and the ability to revoke permissions

Security must be looked at from a different angle when applied to data streams; yes, our continual infrastructure patching, auditing, and encryption ensures that the network is secure, but what if one of your data stream endpoints – e.g. an individual user’s smartphone – becomes compromised? PubNub enables you to immediately block any device as soon as you anticipate a security threat or detect unauthorized access. Furthermore, traffic can be separated into channels with different access levels, restricting channels requiring the highest levels of clearance to a small subset of devices, lowering the attack surface and reducing exposure.

For further learning, please see:

• Security section of the knowledge base
• Security documentation