This documentation discusses the security of your guiDesigner projects when using LaunchPad.
All project files uploaded to LaunchPad are stored on a private cloud storage container completely separate from the application code.
These files can only be accessed by CommandFusion system administration staff and the application code. They are not accessible via any direct links.
The first security measure to take is to encrypt your project before uploading it to LaunchPad.
This is done using the guiDesigner File > Export > Encrypted Project Archive… option.
This will ensure that anyone who may get access to the project files will only receive an encrypted archive, which uses a secure cryptography implementation.
This encryption means no one can unzip the archive and get access to any sensitive passwords or camera streams, etc.
Any user who knows or guesses your project token and a valid PIN code combination can load the project on a mobile device if automatic allocation is left enabled.
We recommend disabling automatic allocation after your known users have been allocated, especially if your project includes remote access functionality.
Disabling automatic allocation will mean that anyone who attempts to launch your project with a valid token and PIN combination will still need to first be manually validated before the project can be launched.
If your project only works within the local network, then even if the user is allocated to the project, they won't be able to control anything without first joining the local WiFi network.
But if your project contains remote access functionality, such as camera streams or security system integration that works from any network, then you will need to be more careful with your security options.