What Makes a Public Safety Platform Secure?

Security Starts with Transparency

If a company operates security technology in your community, what should you expect to know?

For many people, the answer starts with a few straightforward questions:

Where is the company based? How is data handled? How long is information retained? Is data encrypted? How is it protected after it's stored?

These questions reflect something important: trust is built through clarity.

Strong security programs don't rely on assurances alone. They provide clear answers about how systems work, how data is protected, and what controls are in place to safeguard information.

A key part of transparency is independent validation. Security claims carry more weight when they're reviewed by qualified third parties who can assess systems, identify risks, and verify that issues have been addressed. External audits and certifications provide an additional layer of accountability and help organizations demonstrate that their security practices can withstand scrutiny.

The Team Behind Cybersecurity

Technology is only one part of a security program. The people responsible for protecting it are equally important.

Effective cybersecurity teams bring together a wide range of expertise. That can include hardware specialists who analyze devices at the component level, mobile security engineers who examine operating systems for vulnerabilities, and incident response professionals who help organizations prepare for and respond to emerging threats.

Building that depth of expertise allows organizations to identify issues earlier, strengthen protections, and continuously improve system security. 

Flock has a cybersecurity team of more than 20+ engineers, including:

• Product Security & Privacy - This team is solely focused on Flock’s hardware and software products, conducting architectural reviews, threat modeling, and code scanning.
• DevSecOps - Development and Security Operations, responsible for the cybersecurity of Flock’s cloud infrastructure, such as AWS.
• GRC Engineering - Governance, Risk and Compliance Engineering, ensuring Flock maintains a high level of cybersecurity standards across the business.
• Offensive Security & Vulnerability Operations - This team conducts penetration tests and offensive security research against Flock’s entire product line. They also manage all vulnerabilities across the business and product.
• Physical Security - This team ensures Flock’s physical security standards are maintained and that the company can respond to threats against our physical office spaces.
• Incident Response & Adversary Pursuit - This team is responsible for responding to all suspected and real incidents, as well as continuously hunting in the environment for any and all possible intrusions.
  ‍

Bringing together experts across multiple security disciplines, Flock has built a cybersecurity program designed to protect data, strengthen trust, and help ensure the reliability of the systems communities depend on every day.

Security is an ongoing discipline. It requires investment, specialized skills, and a commitment to constant improvement as technology and threats evolve.

Visit the Flock Security Center to review Flock’s Cybersecurity program. 

Security Needs to Start Early

One of the most common challenges in technology development is waiting too long to think about security.

When security is considered early in the design process, organizations have more flexibility to build safeguards into products and systems from the start. Addressing security after deployment is often more difficult, more time-consuming, and in some cases, far harder to implement.

For hardware products in particular, early decisions can have long-term implications. Building with security in mind from day one creates a stronger foundation for everything that follows.

The lesson extends beyond startups. Whether building software, hardware, or connected systems, security works best when it's treated as a core requirement rather than a later addition.

Was Flock Hacked?

No, Flock’s cloud platform has not been hacked. 

Security incidents often draw attention, but understanding the nuances behind what actually happened requires effort to examine the facts.

In a recent example, claims circulated suggesting that Flock had experienced a widespread breach affecting thousands of cameras. Those claims were inaccurate.

The reported activity involved a single camera that had never been deployed to a customer, had not received software updates, and had never been connected to Flock's cloud environment. As a result, it did not receive the configurations and protections that would normally be applied through standard deployment processes.

The distinction is important. A broad customer data breach and an isolated issue involving an undeployed device are very different events. Understanding that difference helps create a clearer picture of what occurred and how organizations evaluate risk.

Security conversations are strongest when they're grounded in facts, context, and transparency rather than assumptions.

Building Confidence Through Accountability

Security isn't defined by a single feature, certification, or headline.

It's the result of deliberate design decisions, ongoing investment, independent review, and the expertise of the people responsible for protecting systems every day.

For communities, agencies, and organizations evaluating technology, the most important question may not be whether a company says it's secure. It's whether that company can clearly explain how security is built, maintained, reviewed, and improved over time.

‍