Skip to main content

Data Handling

How Breakwater collects, processes, stores, and protects your data.

Data Categories

OT Device Data

  • Device inventory: hostnames, IPs, vendors, models, firmware versions
  • SNMP metrics: interface stats, CPU, memory, environmental sensors
  • Network topology: connections, VLANs, routing information
  • Collected by: Collector agent via SNMP polling
  • Storage: PostgreSQL on Breakwater cloud (encrypted at rest)
  • Retention: As long as the device exists in inventory

Session Data

  • Session metadata: user, device, protocol, timestamps, duration
  • Session recordings: screen capture (RDP/VNC), terminal logs (SSH)
  • Collected by: Channel session broker
  • Storage: Local SSD buffer → S3-compatible object storage (encrypted)
  • Retention: Configurable per-site (default: 90 days)

Threat Intelligence

  • CVE data from NVD (public)
  • CISA KEV indicators (public)
  • EPSS scores (public)
  • Device-CVE correlation results
  • Collected by: Automated sync pipeline
  • Storage: PostgreSQL
  • Retention: Indefinite (public data)

User Data

  • Name, email, role, organization
  • Authentication tokens and sessions
  • Managed by: Clerk (third-party identity provider)
  • Storage: Clerk infrastructure + minimal local references

Data Flow Diagram

Customer Site              Breakwater Cloud             Third-Party
─────────────              ────────────────             ───────────
                                                       
Collector ──HTTPS──→ API Server ──→ PostgreSQL         
                                                       
Gateway ──Encrypted──→ Session Broker                  
                          ├──→ Session DB               
                          └──→ Recording Storage        
                                                       
                     Threat Pipeline ←── NVD API        
                                    ←── CISA KEV       
                                    ←── EPSS API       
                                                       
Browser ──HTTPS──→ Frontend (nginx)                    
                 → API (Express)                       
                 → Auth (Clerk) ──→ Clerk Cloud

Data Residency

All Breakwater infrastructure is hosted in the United States (Vultr data centers). If you require specific data residency (EU, etc.), contact us to discuss deployment options.

Data Deletion

To request deletion of your data:

  1. Self-service: Delete individual sites, devices, or sessions from the platform
  2. Account deletion: Contact support@techgonecoastal.com
  3. Data export: Request a full export before deletion (available within 30 days)

All data is permanently deleted within 30 days of request, including backups.