Overview
Security

vGRID - Security & Compliance Brief

SaferCities connects CCTV and ANPR cameras to Police and other agencies through the vGRID SaferCity Platform. This service allows for efficient collaboration between Police, businesses, and communities for crime prevention and public safety.

Specific information about the vGRID App, Core and Gateway components can be found here:

vGRID has established security and privacy policies, procedures, and controls to protect the Security and Privacy posture of your organisation and the organisations that share and view visual information through the vGRID SaferCity Platform.

Personnel, Development & Organisational Security

SaferCities’ employees with access to any element of the vGRID SaferCity Platform are vetted every 2 years by NZ Police, who we hold a Master Services Agreement with for vGRID.

SaferCities’ access the vGRID SaferCity platform for day-to-day administration, configuration, support and troubleshooting activates such as onboarding new cameras or users, and responding to support tickets. All access is logged and auditable, with access requiring a VPN which is authenticated via SaferCities’ Azure AD. MFA is enforced, alongside Conditional Access policies.

Secure coding practices are followed including; peer-review, linting, automated testing, dependency and vulnerability scanning and software lifecycle management.

To deliver the vGRID SaferCity Platform, SaferCities also use the below trusted suppliers. These suppliers do not have access to the vGRID SaferCity Platform.

  • Dell Technologies - Hardware suppliers of vGRID Datacentre hardware (servers, switching and vGRID Gateway hardware).
  • Intel - vGRID Gateway Hardware.
  • Fortinet - Firewall supplier for core vGRID Datacentres.
  • 2Degrees (NZ) & NextDC (AU) - Datacentre hosting providers.
  • AWS - S3 block storage for ANPR Images, Vault Data and backups. ECR for container images.
  • Megaport and Fusion Networks - Major network connections.
  • GitHub - Version Control.

Ongoing Improvements

In addition to the practices outlined in this section, we are constantly improving our security and compliance posture and have multiple activities in flight including:

  • Feb-Mar 2025 - Updates to our Privacy documentation following independent recommendations by Simply Privacy.
  • Feb-Mar 2025 - Renewed penetration testing focusing on the vGRID Gateways installed on customer sites.
  • Mar-Apr 2025 - Public facing trust centre with public access to relevant internal policies.
  • Mar-Apr 2025 - Published compliance with Essential 8 Level 2 (Australian).
  • Preparation for our ISO27001 Audit in late-2025.
  • Review and updates to our PSR in 2025.

Once the trust centre is live, this Security & Compliant document will be updated and published. The live version will be found at trust.vgrid.io. To view the Privacy Policy for the vGRID SaferCity Platform Visit: vgrid.io/privacy/platform.

If you have any questions, please contact support@safercities.com.

Cloud ANPRvGRID Core