Skydio products are secure by design, safeguarding each layer of the UAS stack against external threats. From the way we source parts to the way we develop software, security is integrated from end-to-end to ensure the confidentiality, integrity, and availability of your data.
The most demanding organizations in the world trust Skydio because:
Designed, assembled, and supported in the U.S.
We work with manufacturing partners to prioritize security from the start, ensuring that we protect our critical systems that store data from external threats.
Skydio sources components from manufacturers that adhere to stringent security policies, just as we do. This helps us prioritize components sourced from companies that meet or exceed U.S. government and regulatory agency security requirements.
Skydio products integrate security practices and considerations throughout the entire software development process. Our secure development practices identify and remediate security vulnerabilities and risks early in the development process, making our products secure, robust, and reliable.
Skydio’s hardware communicates using secure AES-encrypted wireless links. SkydioLink utilizes AES-256 bit encryption for both Skydio Dock and Controller operations.
Software and firmware updates are digitally signed and verified to protect against unauthorized or malicious updates and enhance security and integrity.
Hosted on secure infrastructure in the U.S.
We protect your data in transit and at rest within Skydio Cloud where our customers manage their fleet, sync media from flights, view and share live streams from current flights, and remotely control Skydio drones through teleoperation.
Skydio Cloud is SOC2 Type II certified and is hosted in the United States on Amazon Web Services infrastructure. Skydio Cloud operates out of AWS US-West and customer data is encrypted with AES-256 encryption and continually backed up to AWS US-East. Customer data is our most protected information at Skydio, all access is carefully monitored and controlled.
Data is protected in transit with TLS 1.2/1.3 encryption (non-weak ciphers). Data uploaded to Skydio Cloud is encrypted at rest with AES-256 encryption.
Skydio offers a RESTful Skydio Cloud API which allows customers to programmatically interact with Skydio Cloud securely. Amongst a wide range of functions, Skydio Cloud API allows customers to download and delete data from Skydio Cloud through our Skydio Cloud API.
Meeting the highest security standards
Skydio is committed to earning best-in-class security compliance certifications from industry-standard evaluators. Our customers can rest assured that their data is protected by security measures that meet or exceed the highest standards.
Skydio completed SOC2 Type I and II certifications in 2022. If you wish to view the report, please request a copy from your account representative.
Skydio Drones, Dock and Cloud undergo regular penetration tests by independent security firms according to industry-standard processes. Results are shared with senior management and any discovered vulnerabilities are prioritized, tracked and remediated. Customer data is never exposed through penetration testing.
We regularly scan our network and cloud systems, promptly addressing and resolving any identified vulnerabilities or threats.