IoT Device Guidelines
Effective May 27, 2020
Introduction
Our goal is to make the Blustream platform configuration and extensible to fit your business’s needs. The backbone of Blustream’s platform is RWD (real-world data) and IoT devices are a large contributor to it, not only acting as a user engagement tool but providing rich new insight into users and products. In that spirit, we aim to welcome as may different types of IoT devices as possible to our network.
A couple points to keep in mind:
- We define an IoT device as any network connected device that directly or indirectly transm<>its data to one or more of our IoT endpoints. An example of this would be a smart thermostat sending room temperature data. Mobile phones typically do not qualify as IoT devices unless being used to send measurement data, an example may be GPS coordinates or lighting levels.
- When using your own IoT device on the Blustream platform, you’re ultimately responsible. This includes but is not limited to security, compliance, safety, service, routine patches updates and more.
- The Blustream platform is used by many companies. In the event of a failure to comply with these guidelines or a device is suspected of harming portions of the network, Blustream may throttle, suspend and/or permanently ban device(s) to maintain network integrity.
Legal
Devices must comply with all legal requirements in any location where you make them available (if you’re not sure, check with a lawyer). We know this stuff is complicated, but it is your responsibility to understand and make sure your device conforms with all local laws, not just the guidelines below. And of course, devices that solicit, promote, or encourage criminal or clearly reckless behavior will be rejected. In extreme cases, appropriate authorities may be notified.
1.1 Ownership
You must own or have the appropriate license to operate the IoT devices you add to the Blustream platform.
1.2 Responsibility
You are at all times responsible for maintaining your IoT devices, keeping them in compliance with these guidelines and any applicable laws.
1.3 Security
We do not permit IoT devices to transmit personal data for security reasons. However, some data may still be considered sensitive and it is your responsibility to take the appropriate measures to ensure data privacy and security is enforced at the IoT device level
Technical
2.1 Connectivity
IoT devices must be able to connect to the internet via HTTP preferably HTTPS or be compatible with Blustream’s mobile BLE SDK.
2.2 Updates & Patches
You must be able to remotely update your IoT devices for security patches and/or critical updates. In the event remote updates are not available, you may submit an update plan for approval.
2.3 Personal Data
We do not permit IoT devices to transmit personal data. At Blustream use the GDPR definition for personal data. In the event personal data is required to be sent via IoT devices, please contact your Blustream account manager
2.4 Sensitive Data
Sensitive data includes any data that is not personal data but still sensitive, an example may be a users GPS coordinates for a bike ride. Sensitive data must be transmitted over HTTPS not HTTP.
Performance
3.1 Completeness
Devices on our network are expected to be of production quality. Our network is not for the use of designing, building, and testing IoT devices.
3.2 Vulnerability
Devices used in any malicious manner will be removed from the network. This includes any malicious code, data, or physical use that is illegal, may harm, or disrupt the normal operation of our network. You are responsible for the security and maintenance of your devices against improper use.
3.3 Bandwidth
Devices are provisioned to proved up to 10MB of raw data per day. This should be more than plenty for the vast majority of devices. Things like headers, protocol overhead, whitespace, or ssl do not count towards this limit. In the event your application requires a higher limit, please contact your Blustream account manager.