Information Security Policy

Introduction

This document includes the information security policy for Agora. The following is the Agora security architecture:

[Figure: Agora security architecture]

Note

If you encounter any unfamiliar terms, refer to Terminology and Acronym for details.

Purpose

Agora is committed to safeguarding the confidentiality, integrity and availability of all physical and electronic information assets that Agora comes into contact with.

Scope

This information security policy documents how Agora protects customer data with the following security controls:

  • Confidentiality: against unauthorized access and eavesdropping
  • Integrity: against tampering, forgery and replay
  • Availability: realizing high availability using Agora Global Network

Information Security Policy

Data Classification

All customer data is classified according to the following policy and protected accordingly. This policy applies to data in all formats or media.

Agora categorizes the customer data in the following ways:

| Category | Description |
|---|---|
| Customer Account Data | User information required to manage the customer account with Agora. This includes the email address of the account administrator, company name, company URL and Dashboard Access Log entries. |
| End User Data | All end-user level data that the customer collects from its end users. This includes (but is not limited to) logins, identities, payment information. This data is not shared with Agora and is therefore out of scope of this document. |
| Conversation Content | The media contents are encrypted on the end devices, and Agora Cloud does not have any key to decrypt them. |
| Operational Health Metrics | Any data generated by the Agora servers when accessing the Agora Cloud, including: |

Security Standards

The following security standards are applied to protect the customer data within Agora’s control.

Data Encryption

The Agora channel is encrypted with the AES-128 or AES-256 algorithm, both between clients and between client and server.

Data Transmission

Transmission Service

  • No Single Point: Agora has multiple server rooms to provide services in any region globally. The service is not affected if any one server room is attacked.
  • Regional Isolation: all edge nodes are separated geographically, and the user only connects to the edge room of the local region. The services in other regions are not affected if the server rooms of a region are attacked.
  • Rapid Recovery: the server rooms are deployed with a rapid recovery mechanism. If the server rooms come under traffic attacks or other malicious attacks that are difficult to prevent, the special tools provided by Agora help rebuild and recover the services within 30 minutes.
  • Secure Routing Services: Agora uses routing services to improve the communication quality and enhance the user experience, but Agora Cloud does not have any key to decrypt any media contents during the transmission. The media contents can only be decrypted on the end devices with customer authorized keys, including the Client App and Agora Recording Server (ARS).

Transmission Scheduling

Before the Agora SDK accesses the transmission service, it needs system scheduling to select the appropriate edge node:

  • No Single Point: the transmission dispatching service is deployed in multiple locations in the Agora global network, so it has no single point of failure or attack.
  • Service Isolated by Region: Agora only provides 3 scheduling nodes for each user, which ensures high availability of the service and hides the other service nodes.
  • Simple DoS Attack Prevention: if multiple malicious requests come from the same IP address, Agora automatically blocks that IP for a period.
  • Rapid Recovery: the server rooms are deployed with a rapid recovery mechanism. If the server rooms come under traffic attacks or other malicious attacks that are difficult to prevent, the special tools provided by Agora help rebuild and recover the services within 30 minutes.
  • Function Isolation: even if the dispatching service is not available, users can continue their ongoing communication.

Access Authorization

Whenever users try to access the Agora SD-RTN (Software-defined Real-time Network), they must go through a Dynamic Key check:

  1. Client sends an authentication request to the App Server Infrastructure.
  2. The Dynamic Key generation module integrated by the App Server Infrastructure generates a Dynamic Key using the algorithms provided by Agora.io and passes the Dynamic Key to the client application.
  3. The client calls joinChannel or startRecordingService, and sets the Dynamic Key as the first parameter.
  4. The Agora Server receives the Dynamic Key and confirms that the request comes from a legitimate user, and then allows it to access the Agora Global Network.

There is no interaction between the App Server Infrastructure and Agora Cloud during the entire authentication and authorization process, so there is no such exchange for an attacker to intercept or attack.
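
The four steps above can be sketched as follows. This is an added example, not Agora's code and not the Dynamic Key algorithm, which this page does not specify: it assumes an HMAC-SHA256 tag over the app ID, channel, user ID and expiry, keyed with a secret held by both the app server and the verifying side. APP_ID, APP_SECRET, the token layout and all function names are hypothetical.

```python
import base64, hashlib, hmac, json, time

# Constructed sample values; the token layout is an assumption, not Agora's format.
APP_ID = "example-app-id"
APP_SECRET = b"example-shared-secret"  # held by the app server and the verifier only


def b64e(data):
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def generate_dynamic_key(channel, uid, ttl, now=None):
    """Step 2: the app server mints a key bound to app, channel, user and expiry."""
    issued = int(time.time()) if now is None else now
    claims = {"app": APP_ID, "ch": channel, "uid": uid, "exp": issued + ttl}
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(APP_SECRET, body, hashlib.sha256).digest()
    return b64e(body) + "." + b64e(tag)


def verify_dynamic_key(key, channel, uid, now=None):
    """Step 4: the network side checks the key offline; returns "ok" or a reason."""
    current = int(time.time()) if now is None else now
    try:
        body_part, tag_part = key.split(".")
        body, tag = b64d(body_part), b64d(tag_part)
    except ValueError:
        return "malformed"
    expected = hmac.new(APP_SECRET, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return "bad-signature"
    claims = json.loads(body)  # parsed only after the MAC has been verified
    if claims["app"] != APP_ID or claims["ch"] != channel or claims["uid"] != uid:
        return "wrong-binding"
    if current >= claims["exp"]:
        return "expired"
    return "ok"
```

Because the verifier recomputes the tag from the shared secret, it needs no call to the app server, and a key replayed for another channel, another user or after expiry is rejected.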

Dashboard Access

Customers can access the customer dashboard via the Web or a RESTful API. They can check Media Server Logs and Analytics Data in the dashboard.

Note

The dashboard identity is linked to an email address provided by the customer.

Data Retention

Agora applies the following data retention policies:

Session Recordings

Customers can record some or all of the communication contents. The recordings are stored only in the customer servers. Customers have the option of encrypting each file after the completion of recording. Once encrypted, only the customers themselves have the keys to decrypt them.

Operational Metrics and Customer Account Data

  • Logging collects electronic transaction/session data such as IP addresses, user agent type, OS type. Logging does not collect text chat.
  • Logs are kept for a maximum of 2 years from the date of the data origination:
    • Logs are kept in a secure area to reduce the risk of tampering.
    • Customer account passwords are not logged under any circumstances.
    • Logs of administrative changes to your account with Agora are stored.
  • Customer account data shared with Agora such as company name, address, phone number (does not include customer’s end customer or end user application data).

Access Control

Electronic Access Controls

In order to operate and maintain the Agora services, a limited number of employees (“Authorized Employees”) are required to be able to access Production Machines.

In order to access the Production Machines, each Authorized Employee is given a unique SSH key and a password for that key. The employee also requires access to the Agora corporate network. All employees cleared to access the Production Machines are subject to a background check run by or on behalf of Agora.

Physical Access Controls

All Production Machines are hosted in third party data centers. Each Agora hosting provider is required to maintain industry best practice security standards.

In the general course of business, no Agora employee has physical access to Production Machines as they are not located in an Agora owned facility or in an Agora rented facility (which has signed a Business Associate Agreement with Agora.io). All on-site maintenance is performed by the hosting provider.

Application Security

There are several application level security features available including SSL, HTTPS and Secure WebSockets, AES Encryption, and End-user Authorization Management.

Roles and Responsibilities

Agora sets responsibilities for its own staff but also for its customers. The following outlines the details:

Roles and Responsibilities within Agora

Security roles and responsibilities within Agora are categorized in the following way:

| Role | Responsibilities |
|---|---|
| Information Security Sub-Committee | The Information Security Sub-Committee (“ISSC”) is responsible for the development and implementation of policies and procedures. The ISSC monitors company adherence, and conducts regular technical and nontechnical evaluations of Agora security policies. The ISSC also designates which employees are required to be given Authorized Employee level access. |
| Authorized Employee | An Authorized Employee is one who is permitted access to the Production Machines. The number of Authorized Employees is kept to a minimum and access is allocated where required for the running of the platform and maintenance of the Agora service, as determined by the ISSC. |
| All other staff | All other staff are required to adhere to this policy, maintain confidentiality as required by their terms of employment and are required to notify management if they suspect a breach or weakness. |

Shared Responsibilities

When evaluating the Agora Cloud, it is important for customers to understand and distinguish between security measures that:

  • Agora implements and operates; and
  • The customer implements and operates, related to the security of customer content and applications that make use of the Agora Cloud

Customers retain control of what security they choose to implement to protect their own content, platform, applications, systems and networks. For example, the security of the customer’s end customer or end user data collected by the customer, such as application logins, identities, passwords, payment information, names, and addresses, is the responsibility of the customer. This type of data is not shared with Agora.

Employee Awareness Training

Agora provides awareness sessions and training related to information security, which are delivered no less than once per year.

All Authorized Employees, i.e., those employees with access to the Production Machines, receive additional training commensurate to the responsibilities extended to them.

Sanctions for Non-Compliance

Workforce members who fail to comply with the access to information protocol or who breach any Agora security policy are subject to sanctions, including but not limited to loss of employment and legal action.