Enterprise-grade security for your automation

Your process data, device credentials, and control systems are protected end-to-end — from the Pi on your floor to the cloud dashboard in your browser.

Get StartedContact Us

Authentication & Access Control

Firebase Authentication with email/password and Google OAuth. Role-based access control (owner, editor, viewer) with per-device permissions and team invites.

Data Encryption

All data is encrypted in transit via TLS and at rest in Firebase RTDB and Firestore. Per-user data isolation enforced by Firebase Security Rules — no shared data paths.

Network Security

Pi devices connect to the cloud via Tailscale VPN mesh tunnels — no open ports, no exposed SSH. Device management traffic never touches the public internet.

Compliance

Data stored on Google Cloud infrastructure with SOC 2 compliance. Stripe handles all payment processing — LoopString never stores card data.

Zero-trust device access with Tailscale

Each Raspberry Pi connects to your Tailscale network automatically during provisioning. Management traffic — flow deployments, OTA updates, remote shell — routes through the encrypted VPN tunnel, never over the open internet.

  • No open inbound ports on Pi devices
  • Tailscale online status visible in the dashboard
  • Remote access provisioned with per-device scoped keys
Architecture diagram
RBAC preview

Role-based access control for teams

Invite team members with owner, editor, or viewer roles. Owners control device settings and billing. Editors can deploy flows and adjust setpoints. Viewers have read-only access to dashboards and analytics — perfect for stakeholders or auditors.

Trust & Compliance

Google Cloud / SOC 2

Firebase RTDB and Firestore run on Google Cloud infrastructure, which maintains SOC 2 Type II compliance and independent security audits.

PCI DSS (via Stripe)

All payment processing is handled by Stripe, a PCI DSS Level 1 certified provider. LoopString never stores, processes, or transmits cardholder data.

Per-User Data Isolation

Firebase Security Rules enforce strict per-user data boundaries. No user can access another user's devices, sensor data, or configurations.

Security you can trust at any scale

Start with a single device and scale to a fleet — the same security model applies throughout.

Get Started FreeContact Us