Picopoint Solutions are secure, stable and built to last
Mission Critical Services
For mission critical services and data storage, Picopoint uses a server infrastructure
hosted on a dedicated, privately owned server cluster in a secure Tier IV certified
The infrastructure is set up multi-layered, each layer running on their own separate
network segment and each layer is separated by dedicated firewalls.
- All ingress WEB and REST traffic is isolated in a separate DMZ with very limited
access to the rest of the infrastructure.
- All RADIUS and backchannel services are also isolated in their own tier with very
limited access to the rest of the infrastructure.
To allow for 24/7 service, we employ
- Separate server clusters for both web, Radius and administrative services
- Highly redundant servers with multiple points of failure protection.
- Robust NAS solutions with full redundancy
- Constant monitoring and failure detection and 24/7 direct response procedures
Non Mission Critical Services
Non-mission critical services use a cloud based microservices architecture.
- All communication between these services and main server infrastructure is
through our own dedicated APIs using accounts with access limited to only
- All services are protected by their own firewalls.
Data storage and encryption
User sensitive data is only stored in our server infrastructure at our Tier IV certified
datacenter. All user/session data is only stored in its own firewall protected data layer.
All confidential data is fully encrypted.
Picopoint LBS services are not storing any session or probe data locally. All data is only
processed in memory and only the resulting anonymized aggregated statistics are stored
in our datacenter location.
General Industry Standards Compliance
Our services are integrated in B2B solutions of our partners including major international
ISPs and retail chains. Generally, compliance is managed through those
To certify we as Picopoint can guarantee those organizations can comply:
- We have certified our level of security and compliance through SLAs.
- The complying parties regularly audit and perform security scans on our infrastructure
There is no credit card or payment information processed or stored in any non-compliant
way. We offer many integration paths (vouchers, APIs, custom authentication channels)
which would still isolate all payment processing from the guest WiFi authentication.
There is no payment information/processing using the same network infrastructure as used
for other services (e.g. guest WiFi access). All communication/network traffic necessary for
Guest Access, will be fully isolated on transport level or through end to end encryption, using
both VPN tunnels and dedicated HTTPS sessions.
Picopoint is fully GDPR (EU privacy law) and AVG (Dutch privacy law) compliant, which
combined have one of the highest level of requirements, concerning privacy and user data
This is done through (but not limited to):
- Requiring potential WiFi users to accept both privacy statements and Terms of Services
before allowing access. These will be vetted by us and can be customized to comply with
any further requirements of the customer and local law.
- Allowing end users to both request their data usage and request removal of all personal data
from our system. Both through our own services, support staff, or through integration with
the customers’ infrastructure using our REST APIs.
t: +31 (0)165 747 200
© 2022 Picopoint Solutions