{"id":4284,"date":"2022-08-24T16:19:00","date_gmt":"2022-08-24T16:19:00","guid":{"rendered":"https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/"},"modified":"2025-09-29T13:16:21","modified_gmt":"2025-09-29T13:16:21","slug":"hyperspace-security-design","status":"publish","type":"page","link":"https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/","title":{"rendered":"Hyperspace Security Design"},"content":{"rendered":"<html><head><meta content=\"text\/html; charset=UTF-8\" http-equiv=\"content-type\"><style type=\"text\/css\">.lst-kix_2pqoj7yqcbc0-6>li:before{content:\"\\0025cf   \"}.lst-kix_2pqoj7yqcbc0-7>li:before{content:\"\\0025cb   \"}.lst-kix_2pqoj7yqcbc0-2>li:before{content:\"\\0025a0   \"}.lst-kix_2pqoj7yqcbc0-0>li:before{content:\"\\0025cf   \"}.lst-kix_2pqoj7yqcbc0-1>li:before{content:\"\\0025cb   \"}.lst-kix_2pqoj7yqcbc0-8>li:before{content:\"\\0025a0   \"}ul.lst-kix_dpa8cp4doet4-7{list-style-type:none}ul.lst-kix_dpa8cp4doet4-8{list-style-type:none}ul.lst-kix_goky85f7lyx8-8{list-style-type:none}ul.lst-kix_dpa8cp4doet4-5{list-style-type:none}ul.lst-kix_dpa8cp4doet4-6{list-style-type:none}ul.lst-kix_dpa8cp4doet4-3{list-style-type:none}ul.lst-kix_dpa8cp4doet4-4{list-style-type:none}ul.lst-kix_dpa8cp4doet4-1{list-style-type:none}ul.lst-kix_goky85f7lyx8-3{list-style-type:none}ul.lst-kix_dpa8cp4doet4-2{list-style-type:none}ul.lst-kix_goky85f7lyx8-2{list-style-type:none}ul.lst-kix_goky85f7lyx8-1{list-style-type:none}.lst-kix_5iu32rubc7u6-1>li:before{content:\"\\0025cb   \"}ul.lst-kix_dpa8cp4doet4-0{list-style-type:none}ul.lst-kix_goky85f7lyx8-0{list-style-type:none}ul.lst-kix_goky85f7lyx8-7{list-style-type:none}ul.lst-kix_goky85f7lyx8-6{list-style-type:none}ul.lst-kix_goky85f7lyx8-5{list-style-type:none}.lst-kix_5iu32rubc7u6-0>li:before{content:\"\\0025cf   \"}ul.lst-kix_goky85f7lyx8-4{list-style-type:none}.lst-kix_5iu32rubc7u6-3>li:before{content:\"\\0025cf   \"}.lst-kix_5iu32rubc7u6-5>li:before{content:\"\\0025a0   \"}.lst-kix_5iu32rubc7u6-2>li:before{content:\"\\0025a0   \"}.lst-kix_5iu32rubc7u6-6>li:before{content:\"\\0025cf   \"}.lst-kix_5iu32rubc7u6-4>li:before{content:\"\\0025cb   \"}.lst-kix_2szf7eexr8z3-8>li:before{content:\"\\0025a0   \"}ul.lst-kix_thazg04u1d1d-1{list-style-type:none}ul.lst-kix_thazg04u1d1d-0{list-style-type:none}ul.lst-kix_top7qzsku2zx-0{list-style-type:none}ul.lst-kix_thazg04u1d1d-3{list-style-type:none}ul.lst-kix_top7qzsku2zx-1{list-style-type:none}ul.lst-kix_thazg04u1d1d-2{list-style-type:none}ul.lst-kix_top7qzsku2zx-2{list-style-type:none}ul.lst-kix_rz3p43oycv74-0{list-style-type:none}ul.lst-kix_rz3p43oycv74-2{list-style-type:none}ul.lst-kix_rz3p43oycv74-1{list-style-type:none}.lst-kix_2szf7eexr8z3-2>li:before{content:\"\\0025a0   \"}.lst-kix_2szf7eexr8z3-0>li:before{content:\"\\0025cf   \"}.lst-kix_2szf7eexr8z3-1>li:before{content:\"\\0025cb   \"}.lst-kix_282g4nuy3j0q-1>li:before{content:\"\\0025cb   \"}.lst-kix_5jh5hqbn5xl5-2>li:before{content:\"\\0025a0   \"}.lst-kix_282g4nuy3j0q-2>li:before{content:\"\\0025a0   \"}.lst-kix_5jh5hqbn5xl5-1>li:before{content:\"\\0025cb   \"}.lst-kix_5jh5hqbn5xl5-5>li:before{content:\"\\0025a0   \"}.lst-kix_goky85f7lyx8-6>li:before{content:\"\\0025cf   \"}.lst-kix_282g4nuy3j0q-5>li:before{content:\"\\0025a0   \"}.lst-kix_goky85f7lyx8-7>li:before{content:\"\\0025cb   \"}.lst-kix_282g4nuy3j0q-3>li:before{content:\"\\0025cf   \"}.lst-kix_5jh5hqbn5xl5-4>li:before{content:\"\\0025cb   \"}.lst-kix_282g4nuy3j0q-4>li:before{content:\"\\0025cb   \"}.lst-kix_5jh5hqbn5xl5-3>li:before{content:\"\\0025cf   \"}.lst-kix_goky85f7lyx8-8>li:before{content:\"\\0025a0   \"}.lst-kix_2szf7eexr8z3-3>li:before{content:\"\\0025cf   \"}ul.lst-kix_thazg04u1d1d-8{list-style-type:none}ul.lst-kix_thazg04u1d1d-5{list-style-type:none}.lst-kix_2szf7eexr8z3-4>li:before{content:\"\\0025cb   \"}.lst-kix_2szf7eexr8z3-5>li:before{content:\"\\0025a0   \"}ul.lst-kix_thazg04u1d1d-4{list-style-type:none}.lst-kix_282g4nuy3j0q-6>li:before{content:\"\\0025cf   \"}ul.lst-kix_thazg04u1d1d-7{list-style-type:none}ul.lst-kix_thazg04u1d1d-6{list-style-type:none}.lst-kix_2szf7eexr8z3-6>li:before{content:\"\\0025cf   \"}.lst-kix_2szf7eexr8z3-7>li:before{content:\"\\0025cb   \"}.lst-kix_282g4nuy3j0q-7>li:before{content:\"\\0025cb   \"}.lst-kix_5jh5hqbn5xl5-0>li:before{content:\"\\0025cf   \"}.lst-kix_282g4nuy3j0q-8>li:before{content:\"\\0025a0   \"}.lst-kix_top7qzsku2zx-1>li:before{content:\"-  \"}.lst-kix_rz3p43oycv74-5>li:before{content:\"\\0025a0   \"}.lst-kix_rz3p43oycv74-7>li:before{content:\"\\0025cb   \"}.lst-kix_top7qzsku2zx-3>li:before{content:\"-  \"}.lst-kix_top7qzsku2zx-5>li:before{content:\"-  \"}.lst-kix_rz3p43oycv74-1>li:before{content:\"\\0025cb   \"}.lst-kix_goky85f7lyx8-0>li:before{content:\"\\0025cf   \"}.lst-kix_ft2i69o3rob-3>li:before{content:\"\\0025cf   \"}.lst-kix_ft2i69o3rob-1>li:before{content:\"\\0025cb   \"}.lst-kix_ft2i69o3rob-5>li:before{content:\"\\0025a0   \"}.lst-kix_goky85f7lyx8-2>li:before{content:\"\\0025a0   \"}.lst-kix_5jh5hqbn5xl5-6>li:before{content:\"\\0025cf   \"}.lst-kix_rz3p43oycv74-3>li:before{content:\"\\0025cf   \"}.lst-kix_5jh5hqbn5xl5-8>li:before{content:\"\\0025a0   \"}.lst-kix_goky85f7lyx8-4>li:before{content:\"\\0025cb   \"}ul.lst-kix_akvyymgceazq-0{list-style-type:none}.lst-kix_dpa8cp4doet4-7>li:before{content:\"\\0025cb   \"}.lst-kix_dpa8cp4doet4-5>li:before{content:\"\\0025a0   \"}.lst-kix_ft2i69o3rob-7>li:before{content:\"\\0025cb   \"}.lst-kix_thazg04u1d1d-6>li:before{content:\"\\0025cf   \"}.lst-kix_top7qzsku2zx-7>li:before{content:\"-  \"}ul.lst-kix_akvyymgceazq-6{list-style-type:none}ul.lst-kix_akvyymgceazq-5{list-style-type:none}ul.lst-kix_akvyymgceazq-8{list-style-type:none}ul.lst-kix_akvyymgceazq-7{list-style-type:none}ul.lst-kix_akvyymgceazq-2{list-style-type:none}ul.lst-kix_akvyymgceazq-1{list-style-type:none}ul.lst-kix_akvyymgceazq-4{list-style-type:none}.lst-kix_thazg04u1d1d-8>li:before{content:\"\\0025a0   \"}ul.lst-kix_akvyymgceazq-3{list-style-type:none}.lst-kix_thazg04u1d1d-4>li:before{content:\"\\0025cb   \"}.lst-kix_5iu32rubc7u6-8>li:before{content:\"\\0025a0   \"}.lst-kix_dpa8cp4doet4-1>li:before{content:\"\\0025cb   \"}.lst-kix_dpa8cp4doet4-3>li:before{content:\"\\0025cf   \"}.lst-kix_c045acpbq3ib-5>li:before{content:\"\\0025a0   \"}.lst-kix_thazg04u1d1d-2>li:before{content:\"\\0025a0   \"}.lst-kix_c045acpbq3ib-7>li:before{content:\"\\0025cb   \"}.lst-kix_thazg04u1d1d-0>li:before{content:\"\\0025cf   \"}ul.lst-kix_282g4nuy3j0q-3{list-style-type:none}ul.lst-kix_282g4nuy3j0q-2{list-style-type:none}ul.lst-kix_282g4nuy3j0q-1{list-style-type:none}ul.lst-kix_282g4nuy3j0q-0{list-style-type:none}ul.lst-kix_282g4nuy3j0q-7{list-style-type:none}ul.lst-kix_282g4nuy3j0q-6{list-style-type:none}ul.lst-kix_282g4nuy3j0q-5{list-style-type:none}ul.lst-kix_282g4nuy3j0q-4{list-style-type:none}ul.lst-kix_282g4nuy3j0q-8{list-style-type:none}.lst-kix_c045acpbq3ib-3>li:before{content:\"\\0025cf   \"}.lst-kix_c045acpbq3ib-1>li:before{content:\"\\0025cb   \"}.lst-kix_2pqoj7yqcbc0-4>li:before{content:\"\\0025cb   \"}.lst-kix_akvyymgceazq-7>li:before{content:\"\\0025cb   \"}.lst-kix_akvyymgceazq-6>li:before{content:\"\\0025cf   \"}.lst-kix_akvyymgceazq-8>li:before{content:\"\\0025a0   \"}ul.lst-kix_izefyhgfp0tt-1{list-style-type:none}.lst-kix_izefyhgfp0tt-8>li:before{content:\"\\0025a0   \"}ul.lst-kix_5jh5hqbn5xl5-7{list-style-type:none}ul.lst-kix_izefyhgfp0tt-2{list-style-type:none}ul.lst-kix_5jh5hqbn5xl5-6{list-style-type:none}ul.lst-kix_izefyhgfp0tt-3{list-style-type:none}.lst-kix_izefyhgfp0tt-7>li:before{content:\"\\0025cb   \"}ul.lst-kix_izefyhgfp0tt-4{list-style-type:none}ul.lst-kix_5jh5hqbn5xl5-8{list-style-type:none}ul.lst-kix_c045acpbq3ib-1{list-style-type:none}ul.lst-kix_izefyhgfp0tt-5{list-style-type:none}.lst-kix_izefyhgfp0tt-6>li:before{content:\"\\0025cf   \"}ul.lst-kix_c045acpbq3ib-0{list-style-type:none}ul.lst-kix_izefyhgfp0tt-6{list-style-type:none}ul.lst-kix_c045acpbq3ib-3{list-style-type:none}ul.lst-kix_izefyhgfp0tt-7{list-style-type:none}ul.lst-kix_c045acpbq3ib-2{list-style-type:none}ul.lst-kix_ft2i69o3rob-8{list-style-type:none}ul.lst-kix_izefyhgfp0tt-8{list-style-type:none}ul.lst-kix_ft2i69o3rob-7{list-style-type:none}ul.lst-kix_ft2i69o3rob-6{list-style-type:none}ul.lst-kix_ft2i69o3rob-5{list-style-type:none}ul.lst-kix_5jh5hqbn5xl5-1{list-style-type:none}ul.lst-kix_ft2i69o3rob-4{list-style-type:none}ul.lst-kix_5jh5hqbn5xl5-0{list-style-type:none}ul.lst-kix_ft2i69o3rob-3{list-style-type:none}ul.lst-kix_5jh5hqbn5xl5-3{list-style-type:none}ul.lst-kix_ft2i69o3rob-2{list-style-type:none}ul.lst-kix_5jh5hqbn5xl5-2{list-style-type:none}ul.lst-kix_ft2i69o3rob-1{list-style-type:none}ul.lst-kix_5jh5hqbn5xl5-5{list-style-type:none}ul.lst-kix_ft2i69o3rob-0{list-style-type:none}ul.lst-kix_5jh5hqbn5xl5-4{list-style-type:none}.lst-kix_izefyhgfp0tt-0>li:before{content:\"\\0025cf   \"}.lst-kix_u3tlaa94wryn-6>li:before{content:\"-  \"}.lst-kix_izefyhgfp0tt-1>li:before{content:\"\\0025cb   \"}.lst-kix_u3tlaa94wryn-5>li:before{content:\"-  \"}.lst-kix_u3tlaa94wryn-7>li:before{content:\"-  \"}.lst-kix_izefyhgfp0tt-2>li:before{content:\"\\0025a0   \"}.lst-kix_u3tlaa94wryn-4>li:before{content:\"-  \"}.lst-kix_u3tlaa94wryn-8>li:before{content:\"-  \"}ul.lst-kix_c045acpbq3ib-5{list-style-type:none}.lst-kix_izefyhgfp0tt-4>li:before{content:\"\\0025cb   \"}ul.lst-kix_c045acpbq3ib-4{list-style-type:none}ul.lst-kix_c045acpbq3ib-7{list-style-type:none}.lst-kix_izefyhgfp0tt-3>li:before{content:\"\\0025cf   \"}.lst-kix_izefyhgfp0tt-5>li:before{content:\"\\0025a0   \"}ul.lst-kix_c045acpbq3ib-6{list-style-type:none}ul.lst-kix_c045acpbq3ib-8{list-style-type:none}.lst-kix_akvyymgceazq-0>li:before{content:\"\\0025cf   \"}ul.lst-kix_izefyhgfp0tt-0{list-style-type:none}.lst-kix_akvyymgceazq-1>li:before{content:\"\\0025cb   \"}.lst-kix_u3tlaa94wryn-0>li:before{content:\"-  \"}.lst-kix_akvyymgceazq-2>li:before{content:\"\\0025a0   \"}.lst-kix_u3tlaa94wryn-2>li:before{content:\"-  \"}.lst-kix_u3tlaa94wryn-1>li:before{content:\"-  \"}.lst-kix_u3tlaa94wryn-3>li:before{content:\"-  \"}.lst-kix_akvyymgceazq-3>li:before{content:\"\\0025cf   \"}.lst-kix_akvyymgceazq-5>li:before{content:\"\\0025a0   \"}.lst-kix_akvyymgceazq-4>li:before{content:\"\\0025cb   \"}ul.lst-kix_2szf7eexr8z3-8{list-style-type:none}.lst-kix_top7qzsku2zx-0>li:before{content:\"-  \"}.lst-kix_top7qzsku2zx-2>li:before{content:\"-  \"}ul.lst-kix_2szf7eexr8z3-5{list-style-type:none}ul.lst-kix_2szf7eexr8z3-4{list-style-type:none}ul.lst-kix_2szf7eexr8z3-7{list-style-type:none}ul.lst-kix_2szf7eexr8z3-6{list-style-type:none}.lst-kix_rz3p43oycv74-6>li:before{content:\"\\0025cf   \"}ul.lst-kix_2pqoj7yqcbc0-1{list-style-type:none}ul.lst-kix_2pqoj7yqcbc0-0{list-style-type:none}ul.lst-kix_2pqoj7yqcbc0-3{list-style-type:none}.lst-kix_top7qzsku2zx-4>li:before{content:\"-  \"}ul.lst-kix_2pqoj7yqcbc0-2{list-style-type:none}.lst-kix_top7qzsku2zx-6>li:before{content:\"-  \"}.lst-kix_rz3p43oycv74-8>li:before{content:\"\\0025a0   \"}.lst-kix_ft2i69o3rob-0>li:before{content:\"\\0025cf   \"}.lst-kix_rz3p43oycv74-0>li:before{content:\"\\0025cf   \"}ul.lst-kix_2pqoj7yqcbc0-8{list-style-type:none}.lst-kix_ft2i69o3rob-2>li:before{content:\"\\0025a0   \"}.lst-kix_goky85f7lyx8-1>li:before{content:\"\\0025cb   \"}.lst-kix_goky85f7lyx8-3>li:before{content:\"\\0025cf   \"}ul.lst-kix_2pqoj7yqcbc0-5{list-style-type:none}ul.lst-kix_2pqoj7yqcbc0-4{list-style-type:none}ul.lst-kix_2pqoj7yqcbc0-7{list-style-type:none}ul.lst-kix_2pqoj7yqcbc0-6{list-style-type:none}.lst-kix_rz3p43oycv74-2>li:before{content:\"\\0025a0   \"}ul.lst-kix_2szf7eexr8z3-1{list-style-type:none}ul.lst-kix_2szf7eexr8z3-0{list-style-type:none}ul.lst-kix_2szf7eexr8z3-3{list-style-type:none}ul.lst-kix_2szf7eexr8z3-2{list-style-type:none}.lst-kix_goky85f7lyx8-5>li:before{content:\"\\0025a0   \"}.lst-kix_ft2i69o3rob-4>li:before{content:\"\\0025cb   \"}.lst-kix_282g4nuy3j0q-0>li:before{content:\"\\0025cf   \"}.lst-kix_5jh5hqbn5xl5-7>li:before{content:\"\\0025cb   \"}.lst-kix_rz3p43oycv74-4>li:before{content:\"\\0025cb   \"}.lst-kix_dpa8cp4doet4-8>li:before{content:\"\\0025a0   \"}.lst-kix_ft2i69o3rob-6>li:before{content:\"\\0025cf   \"}.lst-kix_dpa8cp4doet4-4>li:before{content:\"\\0025cb   \"}.lst-kix_dpa8cp4doet4-6>li:before{content:\"\\0025cf   \"}.lst-kix_ft2i69o3rob-8>li:before{content:\"\\0025a0   \"}.lst-kix_thazg04u1d1d-5>li:before{content:\"\\0025a0   \"}ul.lst-kix_rz3p43oycv74-4{list-style-type:none}ul.lst-kix_top7qzsku2zx-7{list-style-type:none}ul.lst-kix_rz3p43oycv74-3{list-style-type:none}ul.lst-kix_top7qzsku2zx-8{list-style-type:none}ul.lst-kix_rz3p43oycv74-6{list-style-type:none}ul.lst-kix_rz3p43oycv74-5{list-style-type:none}.lst-kix_top7qzsku2zx-8>li:before{content:\"-  \"}ul.lst-kix_rz3p43oycv74-8{list-style-type:none}ul.lst-kix_top7qzsku2zx-3{list-style-type:none}ul.lst-kix_rz3p43oycv74-7{list-style-type:none}ul.lst-kix_top7qzsku2zx-4{list-style-type:none}ul.lst-kix_top7qzsku2zx-5{list-style-type:none}ul.lst-kix_top7qzsku2zx-6{list-style-type:none}.lst-kix_thazg04u1d1d-7>li:before{content:\"\\0025cb   \"}ul.lst-kix_5iu32rubc7u6-0{list-style-type:none}ul.lst-kix_u3tlaa94wryn-8{list-style-type:none}ul.lst-kix_5iu32rubc7u6-4{list-style-type:none}ul.lst-kix_5iu32rubc7u6-3{list-style-type:none}ul.lst-kix_5iu32rubc7u6-2{list-style-type:none}ul.lst-kix_5iu32rubc7u6-1{list-style-type:none}ul.lst-kix_u3tlaa94wryn-2{list-style-type:none}ul.lst-kix_5iu32rubc7u6-8{list-style-type:none}ul.lst-kix_u3tlaa94wryn-3{list-style-type:none}ul.lst-kix_5iu32rubc7u6-7{list-style-type:none}ul.lst-kix_u3tlaa94wryn-0{list-style-type:none}ul.lst-kix_5iu32rubc7u6-6{list-style-type:none}ul.lst-kix_u3tlaa94wryn-1{list-style-type:none}ul.lst-kix_5iu32rubc7u6-5{list-style-type:none}.lst-kix_5iu32rubc7u6-7>li:before{content:\"\\0025cb   \"}.lst-kix_thazg04u1d1d-3>li:before{content:\"\\0025cf   \"}ul.lst-kix_u3tlaa94wryn-6{list-style-type:none}ul.lst-kix_u3tlaa94wryn-7{list-style-type:none}ul.lst-kix_u3tlaa94wryn-4{list-style-type:none}ul.lst-kix_u3tlaa94wryn-5{list-style-type:none}.lst-kix_c045acpbq3ib-4>li:before{content:\"\\0025cb   \"}.lst-kix_dpa8cp4doet4-0>li:before{content:\"\\0025cf   \"}.lst-kix_dpa8cp4doet4-2>li:before{content:\"\\0025a0   \"}.lst-kix_c045acpbq3ib-6>li:before{content:\"\\0025cf   \"}.lst-kix_c045acpbq3ib-8>li:before{content:\"\\0025a0   \"}.lst-kix_thazg04u1d1d-1>li:before{content:\"\\0025cb   \"}li.li-bullet-0:before{margin-left:-18pt;white-space:nowrap;display:inline-block;min-width:18pt}.lst-kix_c045acpbq3ib-2>li:before{content:\"\\0025a0   \"}.lst-kix_c045acpbq3ib-0>li:before{content:\"\\0025cf   \"}.lst-kix_2pqoj7yqcbc0-3>li:before{content:\"\\0025cf   \"}.lst-kix_2pqoj7yqcbc0-5>li:before{content:\"\\0025a0   \"}ol{margin:0;padding:0}table td,table th{padding:0}.c14{border-right-style:solid;padding-top:0pt;border-top-width:0pt;border-right-width:0pt;padding-left:0pt;padding-bottom:0pt;line-height:1.15;border-left-width:0pt;border-top-style:solid;background-color:#ffffff;margin-left:36pt;border-left-style:solid;border-bottom-width:0pt;border-bottom-style:solid;orphans:2;widows:2;text-align:left;padding-right:0pt}.c20{border-right-style:solid;padding-top:0pt;border-top-width:0pt;border-right-width:0pt;padding-left:0pt;padding-bottom:0pt;line-height:1.15;border-left-width:0pt;border-top-style:solid;background-color:#ffffff;border-left-style:solid;border-bottom-width:0pt;border-bottom-style:solid;orphans:2;widows:2;text-align:left;padding-right:0pt}.c12{background-color:#ffffff;padding-top:12pt;padding-bottom:12pt;line-height:1.28;page-break-after:avoid;orphans:2;widows:2;text-align:left}.c0{color:#000000;font-weight:400;text-decoration:none;vertical-align:baseline;font-size:16pt;font-family:\"Arial\";font-style:normal}.c29{background-color:#ffffff;padding-top:8pt;padding-bottom:8pt;line-height:1.2857142857142858;orphans:2;widows:2;text-align:left}.c3{color:#1b1f29;font-weight:700;text-decoration:none;vertical-align:baseline;font-size:11pt;font-family:\"Arial\";font-style:normal}.c4{background-color:#ffffff;padding-top:12pt;padding-bottom:12pt;line-height:1.15;orphans:2;widows:2;text-align:left}.c19{background-color:#ffffff;padding-top:12pt;padding-bottom:12pt;line-height:1.28;orphans:2;widows:2;text-align:left}.c27{background-color:#ffffff;padding-top:14pt;padding-bottom:6pt;line-height:1.28;orphans:2;widows:2;text-align:left}.c2{color:#434343;font-weight:400;text-decoration:none;vertical-align:baseline;font-size:14pt;font-family:\"Arial\";font-style:normal}.c18{color:#000000;font-weight:400;text-decoration:none;vertical-align:baseline;font-size:20pt;font-family:\"Arial\";font-style:normal}.c26{padding-top:0pt;padding-bottom:0pt;line-height:1.15;orphans:2;widows:2;text-align:left;height:11pt}.c25{color:#666666;font-weight:400;text-decoration:none;vertical-align:baseline;font-size:12pt;font-family:\"Arial\";font-style:normal}.c28{background-color:#ffffff;padding-top:0pt;padding-bottom:12pt;line-height:1.15;orphans:2;widows:2;text-align:left}.c10{color:#000000;font-weight:400;text-decoration:none;vertical-align:baseline;font-size:11pt;font-family:\"Arial\";font-style:normal}.c8{background-color:#ffffff;padding-top:14pt;padding-bottom:6pt;line-height:1.15;orphans:2;widows:2;text-align:left}.c32{background-color:#ffffff;padding-top:12pt;padding-bottom:8pt;line-height:1.25;orphans:2;widows:2;text-align:left}.c1{color:#1b1f29;font-weight:400;text-decoration:none;vertical-align:baseline;font-size:11pt;font-family:\"Arial\";font-style:normal}.c7{padding-top:0pt;padding-bottom:0pt;line-height:1.15;orphans:2;widows:2;text-align:justify;height:11pt}.c21{padding-top:16pt;padding-bottom:4pt;line-height:1.15;orphans:2;widows:2;text-align:left}.c23{font-weight:400;text-decoration:none;vertical-align:baseline;font-size:13.5pt;font-family:\"Arial\";font-style:normal}.c30{padding-top:0pt;padding-bottom:0pt;line-height:1.15;orphans:2;widows:2;text-align:justify}.c31{font-weight:400;vertical-align:baseline;font-size:11pt;font-family:\"Arial\";font-style:normal}.c11{text-decoration-skip-ink:none;-webkit-text-decoration-skip:none;color:#1155cc;text-decoration:underline}.c5{background-color:#ffffff;}.c13{padding:0;margin:0}.c16{margin-left:36pt;padding-left:0pt}.c6{color:inherit;text-decoration:inherit}.c9{color:#1b1f29;font-weight:700}.c15{color:#1b1f29}.c22{font-weight:700}.c17{page-break-after:avoid}.c24{font-style:italic}.title{padding-top:0pt;color:#000000;font-size:26pt;padding-bottom:3pt;font-family:\"Arial\";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}.subtitle{padding-top:0pt;color:#666666;font-size:15pt;padding-bottom:16pt;font-family:\"Arial\";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}li{color:#000000;font-size:11pt;font-family:\"Arial\"}p{margin:0;color:#000000;font-size:11pt;font-family:\"Arial\"}h1{padding-top:20pt;color:#000000;font-size:20pt;padding-bottom:6pt;font-family:\"Arial\";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h2{padding-top:18pt;color:#000000;font-size:16pt;padding-bottom:6pt;font-family:\"Arial\";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h3{padding-top:16pt;color:#434343;font-size:14pt;padding-bottom:4pt;font-family:\"Arial\";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h4{padding-top:14pt;color:#666666;font-size:12pt;padding-bottom:4pt;font-family:\"Arial\";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h5{padding-top:12pt;color:#666666;font-size:11pt;padding-bottom:4pt;font-family:\"Arial\";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h6{padding-top:12pt;color:#666666;font-size:11pt;padding-bottom:4pt;font-family:\"Arial\";line-height:1.15;page-break-after:avoid;font-style:italic;orphans:2;widows:2;text-align:left}<\/style><\/head><body class=\"c5 doc-content\"><p class=\"c30\"><span class=\"c10\">Security is a top priority at Hyperspace and is taken seriously. This document describes the current state of security at Hyperspace. This information can change rapidly, as we are constantly improving our security and continue to build our product.<\/span><\/p><p class=\"c7\"><span class=\"c10\"><\/span><\/p><p class=\"c30\"><span class=\"c10\">Hyperspace follows industry standards and guidelines for security compliance and successfully undergoes security approvals with Fortune 500 and Global 1000 organizations on a monthly basis. We understand the value of formal certifications and have an active program underway to pursue SOC 2 Type II and ISO 27001 certification, further demonstrating our commitment to maintaining a secure and trusted environment.<\/span><\/p><p class=\"c7\"><span class=\"c10\"><\/span><\/p><p class=\"c30\"><span class=\"c10\">For access to our further security and compliance materials, please contact our security team at security@hyperspace.mv.<\/span><\/p><h1 class=\"c32\" id=\"hsvxxbu24e76b\"><span class=\"c18\">Cloud Security<\/span><\/h1><h2 class=\"c27\" id=\"hl0nsg76a8ilw\"><span class=\"c0\">Security Architecture &amp; Infrastructure<\/span><\/h2><p class=\"c19\"><span>At Hyperspace, we follow cloud-native best practices, leveraging the security policies of the public clouds we use. Our architecture is designed to be cloud-agnostic, with future plans to operate on Google Cloud, Azure, and AWS. Currently, all of our application services are hosted on Google Cloud Platform (GCP)<\/span><span class=\"c22\">&nbsp;<\/span><span class=\"c10\">with user scenes and media assets hosted on Amazon Web Services (AWS). Therefore, our security policies follow GCP&#39;s and AWS&#39;s best practices. When this document refers to Hyperspace servers, it means instances within GCP. We do not operate any physical hosting facilities or computer hardware of our own.<\/span><\/p><p class=\"c19\"><span>You can find more information about GCP&#39;s security processes here:<\/span><span><a class=\"c6\" href=\"https:\/\/cloud.google.com\/security\">&nbsp;<\/a><\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/cloud.google.com\/security\">https:\/\/cloud.google.com\/security<\/a><\/span><\/p><h2 class=\"c27\" id=\"ht1zqgnrbdp9k\"><span class=\"c0\">Data Center Physical Security<\/span><\/h2><h3 class=\"c12\" id=\"h1wfxp6kd0hwm\"><span class=\"c22\">Facilities<\/span><span class=\"c2\">&nbsp;<\/span><\/h3><p class=\"c19\"><span class=\"c10\">Hyperspace uses infrastructure from Google Cloud (GCP) and Amazon Web Services (AWS). The data centers we use hold certifications such as ISO 27001, PCI DSS Service Provider Level 1, and SOC 1 and 2.<\/span><\/p><p class=\"c19\"><span class=\"c10\">Our providers use robust controls to ensure the security and availability of their systems, including backup power, fire detection and suppression, and secure device destruction.<\/span><\/p><ul class=\"c13 lst-kix_akvyymgceazq-0 start\"><li class=\"c19 c16 li-bullet-0\"><span>Learn more about <\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/cloud.google.com\/security\/compliance\/offerings%23\/focusArea=Security\">Google Cloud Datacenter Security<\/a><\/span><span class=\"c10\">.<\/span><\/li><li class=\"c19 c16 li-bullet-0\"><span>Learn more about <\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/aws.amazon.com\/compliance\/data-center\/controls\/\">AWS Data Center Controls<\/a><\/span><span class=\"c10\">.<\/span><\/li><\/ul><p class=\"c19\"><span class=\"c22\">On-Site Security<\/span><span class=\"c10\">&nbsp;GCP and AWS implement layered physical security controls to ensure on-site security. These include vetted security guards, fencing, video monitoring, and intrusion detection technology.<\/span><\/p><ul class=\"c13 lst-kix_ft2i69o3rob-0 start\"><li class=\"c16 c19 li-bullet-0\"><span>Learn more about <\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/cloud.google.com\/security\/infrastructure\/design%23security_of_physical_premises\">GCP Physical Security<\/a><\/span><span class=\"c10\">.<\/span><\/li><li class=\"c19 c16 li-bullet-0\"><span>Learn more about <\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/aws.amazon.com\/compliance\/data-center\/perimeter-layer\/\">AWS Physical Security<\/a><\/span><span>.<\/span><\/li><\/ul><h2 class=\"c8\" id=\"h2tp38zpx9657\"><span class=\"c0\">Network and Access Security<\/span><\/h2><p class=\"c4\"><span class=\"c9\">In-house Security Team<\/span><span class=\"c1\">&nbsp;Our security team actively responds to security alerts and events to maintain a secure environment.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Third-Party Penetration Tests<\/span><span class=\"c1\">&nbsp;We conduct third-party penetration tests on our application and infrastructure at least annually. All findings are tracked and remediated. Reports are available upon request, subject to an appropriate NDA.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Threat Detection &amp; Vulnerability Scanning<\/span><span class=\"c1\">&nbsp;We leverage Google Cloud&#39;s threat detection services for continuous monitoring of malicious activity and perform regular internal vulnerability scans. Any identified issues are tracked to remediation.<\/span><\/p><p class=\"c4\"><span class=\"c9\">DDoS Mitigation<\/span><span class=\"c1\">&nbsp;We use a layered approach to DDoS protection, including Cloudflare&#39;s CDN with built-in protection, native GCP and AWS tools, and application-specific mitigation techniques.<\/span><\/p><h2 class=\"c8\" id=\"h3ckrxmrkr9n8\"><span class=\"c0\">Access Control<\/span><\/h2><p class=\"c4\"><span class=\"c1\">Hyperspace uses a least-privilege access model, ensuring staff only have the access necessary for their roles. This is enforced and monitored through regular audits, with two-factor authentication (2FA) required for all production systems.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Role-Based Access Control (RBAC)<\/span><span class=\"c15\">&nbsp;We enforce RBAC to manage user privileges and provide built-in roles that grant specific access levels within a metaverse world, down to a space-level granularity. More details can be found at<\/span><span class=\"c15\"><a class=\"c6\" href=\"https:\/\/hyperspace.mv\/academy\/user-roles\/\">&nbsp;<\/a><\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/hyperspace.mv\/academy\/user-roles\/\">https:\/\/hyperspace.mv\/academy\/user-roles\/<\/a><\/span><span class=\"c1\">.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Network &amp; Service Access<\/span><span class=\"c1\">&nbsp;The only ways to access stored data, servers, or services within Hyperspace&#39;s VPC are through our VPN servers or Hyperspace API endpoints.<\/span><\/p><ul class=\"c13 lst-kix_c045acpbq3ib-0 start\"><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">VPN Access:<\/span><span class=\"c1\">&nbsp;VPN access for Hyperspace operations staff requires a unique TLS auth key, CA certificate, and individual credentials. It also requires a hardware token for 2FA. Access is limited to necessary employees and can be revoked quickly.<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">SSH Access:<\/span><span class=\"c1\">&nbsp;We use a configuration management system to control SSH access via public SSH keys. Passwords are not used, and SSHing as root is disabled. Keys can be quickly removed and rotated if a laptop is lost or a key is compromised.<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">Employee Laptops:<\/span><span class=\"c1\">&nbsp;Employee laptops have Mobile Device Management (MDM) enabled, which enforces strong passwords, disk encryption, a network firewall, and the ability to remotely lock or wipe the device.<\/span><\/li><\/ul><p class=\"c4\"><span class=\"c9\">Network Security Within the VPC<\/span><span class=\"c1\">&nbsp;We use specific network security groups for our instances. By default, none are publicly reachable. We follow an allowlist-only approach, ensuring only necessary ports and protocols are open from required sources.<\/span><\/p><ul class=\"c13 lst-kix_5iu32rubc7u6-0 start\"><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">Load Balancers:<\/span><span class=\"c1\">&nbsp;Our Internet-facing load balancers for the API and Dashboard accept only HTTPS traffic on port 443 and redirect all HTTP traffic.<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">Cloudflare:<\/span><span class=\"c1\">&nbsp;We use Cloudflare endpoints for our website and Dashboard, which also terminate TLS connections and redirect HTTP to HTTPS.<\/span><\/li><\/ul><h2 class=\"c4 c17\" id=\"hr6cfwc683ktg\"><span class=\"c0\">Application &amp; Data Access<\/span><\/h2><ul class=\"c13 lst-kix_5jh5hqbn5xl5-0 start\"><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">Dashboard Access:<\/span><span class=\"c1\">&nbsp;Access is based on valid user credentials, and we rely on OAuth 2.0 for both internal and customer authorization. We can configure per-customer authentication using Google, Okta, or any service that federates via SAML.<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">API Access:<\/span><span class=\"c1\">&nbsp;Access is controlled by API keys, which are created in the Dashboard or API. Each key&#39;s access is limited to the resources of the creating user. All API keys are stored in a secure, encrypted database.<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">Cloud Resource Access:<\/span><span class=\"c1\">&nbsp;Access to GCP and AWS resources is managed through IAM users and roles. We grant access to instances via instance roles, and to developers and administrators via service accounts that require 2FA tokens.<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">Cluster Manager API:<\/span><span class=\"c15\">&nbsp;Access is controlled via a role-based access mechanism tied to the GCP or AWS SSO user.<\/span><\/li><\/ul><h1 class=\"c8\" id=\"hga2p7fh4hus4\"><span class=\"c18\">Security Architecture<\/span><\/h1><p class=\"c4\"><span class=\"c9\">Data in Transit<\/span><span class=\"c15\">&nbsp;All data transmitted between customers and Hyperspace is encrypted using TLS. We currently use the <\/span><span class=\"c9\">TLSv1.2_2021<\/span><span class=\"c1\">&nbsp;security policy for our HTTPS load balancers. For our website and Dashboard, Cloudflare distributions terminate TLS connections.<\/span><\/p><p class=\"c4\"><span class=\"c1\">Within Hyperspace&#39;s Virtual Private Cloud (VPC), data is transmitted between our internal services. Importantly, data is never sent outside of the VPC. The only entry points to the VPC are through the Hyperspace API and a VPN for our operations staff.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Data at Rest<\/span><span class=\"c1\">&nbsp;Data is persisted in two places, both with encryption enabled:<\/span><\/p><ul class=\"c13 lst-kix_2pqoj7yqcbc0-0 start\"><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">On our servers:<\/span><span class=\"c15\">&nbsp;These use GCP SSD persistent volumes encrypted with <\/span><span class=\"c9\">AES256<\/span><span class=\"c15\">. For more information, visit:<\/span><span class=\"c15\"><a class=\"c6\" href=\"https:\/\/cloud.google.com\/docs\/security\/encryption\/default-encryption\">&nbsp;<\/a><\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/cloud.google.com\/docs\/security\/encryption\/default-encryption\">https:\/\/cloud.google.com\/docs\/security\/encryption\/default-encryption<\/a><\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">In S3 storage buckets:<\/span><span class=\"c15\">&nbsp;Used for user scenes and media assets, this data is encrypted both in transit and at rest using the <\/span><span class=\"c9\">AES-256<\/span><span class=\"c15\">&nbsp;block cipher. For more details, visit:<\/span><span class=\"c15\"><a class=\"c6\" href=\"https:\/\/docs.aws.amazon.com\/AmazonS3\/latest\/userguide\/serv-side-encryption.html\">&nbsp;<\/a><\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/docs.aws.amazon.com\/AmazonS3\/latest\/userguide\/serv-side-encryption.html\">https:\/\/docs.aws.amazon.com\/AmazonS3\/latest\/userguide\/serv-side-encryption.html<\/a><\/span><\/li><\/ul><p class=\"c4\"><span class=\"c15\">Encryption keys are managed by <\/span><span class=\"c9\">GCP and AWS Key Management Services (KMS)<\/span><span class=\"c1\">. The master keys are never exposed and never leave the KMS hardware. For specific commercial installations, we can offer a way for customers to provide their own master key. All customer API keys and integration credentials are also stored in a secure, encrypted database.<\/span><\/p><h2 class=\"c20\" id=\"hzb4rydof\"><span class=\"c0\">Confidentiality<\/span><\/h2><p class=\"c20\"><span class=\"c1\">Hyperspace maintains confidentiality by strictly controlling access to systems, services, and data. Access is granted on a need-to-know basis to authorized users, service accounts, and employees.<\/span><\/p><ul class=\"c13 lst-kix_goky85f7lyx8-0 start\"><li class=\"c14 li-bullet-0\"><span class=\"c9\">Secrets Management:<\/span><span class=\"c15\">&nbsp;Sensitive information required for services at runtime is stored as <\/span><span class=\"c9\">Kubernetes Secrets<\/span><span class=\"c15\">&nbsp;within our GCP environment. Access to these secrets is managed via Kubernetes roles, adhering to the principle of least privilege. Employee access to third-party services is secured using <\/span><span class=\"c9\">1Password<\/span><span class=\"c1\">.<\/span><\/li><li class=\"c14 li-bullet-0\"><span class=\"c9\">Data Encryption:<\/span><span class=\"c15\">&nbsp;User credentials are encrypted at rest using <\/span><span class=\"c9\">AES-256<\/span><span class=\"c1\">&nbsp;within a dedicated database.<\/span><\/li><\/ul><h2 class=\"c20\" id=\"hdzi7o296df9l\"><span class=\"c0\">Audit Logging<\/span><\/h2><p class=\"c20\"><span class=\"c1\">We implement comprehensive audit logging to ensure accountability and monitor activity across our infrastructure.<\/span><\/p><p class=\"c20\"><span class=\"c15\">All actions on our cloud infrastructure are logged using <\/span><span class=\"c9\">GCP Cloud Logging<\/span><span class=\"c15\">. For each cluster, including production, logs are securely transferred to a dedicated GCP Cloud Storage bucket located in a separate security account. This bucket is configured with <\/span><span class=\"c9\">write-only access<\/span><span class=\"c1\">, which prevents logs from being modified or deleted.<\/span><\/p><h2 class=\"c20\" id=\"hh008dhd2etga\"><span class=\"c0\">Defense in Depth<\/span><\/h2><p class=\"c20\"><span class=\"c15\">Hyperspace employs a <\/span><span class=\"c9\">defense-in-depth<\/span><span class=\"c1\">&nbsp;strategy to protect its assets through multiple, layered security controls.<\/span><\/p><ul class=\"c13 lst-kix_izefyhgfp0tt-0 start\"><li class=\"c14 li-bullet-0\"><span class=\"c9\">Access Control:<\/span><span class=\"c15\">&nbsp;Access to all systems requires <\/span><span class=\"c9\">two-factor authentication (2FA)<\/span><span class=\"c1\">. Elevated privileges, which are required for critical operations, are also protected by 2FA.<\/span><\/li><li class=\"c14 li-bullet-0\"><span class=\"c9\">Network Segregation:<\/span><span class=\"c1\">&nbsp;Development and production environments are isolated through strict network segregation to prevent unauthorized access and limit the potential blast radius of any breach.<\/span><\/li><li class=\"c14 li-bullet-0\"><span class=\"c9\">Least Privilege:<\/span><span class=\"c15\">&nbsp;The <\/span><span class=\"c9\">principle of least privilege<\/span><span class=\"c1\">&nbsp;is enforced for all employee accounts, limiting permissions to only what is necessary for their roles.<\/span><\/li><li class=\"c14 li-bullet-0\"><span class=\"c9\">Intrusion Detection:<\/span><span class=\"c15\">&nbsp;An <\/span><span class=\"c9\">Intrusion Detection System (IDS)<\/span><span class=\"c15\">&nbsp;is used to continuously monitor all development and production environments, providing immediate alerts to the security team upon detection of anomalies.<\/span><\/li><\/ul><h2 class=\"c8\" id=\"hpk18g51khaqx\"><span class=\"c0\">Availability and Continuity<\/span><\/h2><p class=\"c4\"><span class=\"c9\">Uptime<\/span><span class=\"c1\">&nbsp;Hyperspace is deployed on public cloud infrastructure with services configured to scale dynamically based on demand. We perform regular load tests and API response time tests as part of our release cycle to ensure stable performance.<\/span><\/p><p class=\"c4\"><span class=\"c15\">You can view our public <\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/status.hyperspace.mv\/\">status page<\/a><\/span><span class=\"c1\">&nbsp;for real-time system availability, scheduled maintenance, and incident history.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Disaster Recovery<\/span><span class=\"c15\">&nbsp;In the event of a major outage, we have a tested and reviewed Disaster Recovery (DR) plan that allows us to deploy our application to alternative hosting. Our DR deployment uses the same configuration management and release processes as our production environment, ensuring all security configurations and controls are applied consistently.<\/span><\/p><h2 class=\"c8\" id=\"hxbv3gv47r1sj\"><span class=\"c0\">Application Security<\/span><\/h2><p class=\"c4\"><span class=\"c9\">Quality Assurance<\/span><span class=\"c1\">&nbsp;Our Quality Assurance team reviews and tests the codebase for each project. Our security team provides resources and recommendations to the QA team to investigate and remediate security vulnerabilities in the code.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Environment Segregation<\/span><span class=\"c1\">&nbsp;Our testing, staging, and production environments are logically separated. No customer data is ever used in a development or test environment.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Security Mindset Program<\/span><span class=\"c1\">&nbsp;Hyperspace runs a Security Mindset program with active participation from every development team.<\/span><\/p><h2 class=\"c8\" id=\"h65hpumux86z5\"><span class=\"c0\">Personnel Security<\/span><\/h2><p class=\"c4\"><span class=\"c9\">Security Awareness<\/span><span class=\"c1\">&nbsp;All new hires must complete a robust Security Awareness Training program within 30 days of employment. All employees receive annual training, with quarterly focused sessions on topics like secure coding and data privacy.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Information Security Program<\/span><span class=\"c1\">&nbsp;Hyperspace maintains a comprehensive set of information security policies, which are distributed to all employees and contractors. <\/span><\/p><p class=\"c4\"><span class=\"c9\">Employee Background Checks<\/span><span class=\"c1\">&nbsp;All employees undergo a background check prior to employment, covering a 5-year criminal history (where legal) and a 5-year employment verification.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Confidentiality Agreements<\/span><span class=\"c1\">&nbsp;All employees are required to sign Non-Disclosure and Confidentiality agreements.<\/span><\/p><p class=\"c4\"><span class=\"c9\">Access Controls<\/span><span class=\"c15\">&nbsp;Access to our systems and network devices is granted through a documented, approved request process. All logical access to our servers and management systems requires <\/span><span class=\"c9\">two-factor authentication<\/span><span class=\"c15\">. We use a <\/span><span class=\"c9\">least-privilege methodology<\/span><span class=\"c15\">&nbsp;and perform quarterly reviews to ensure all permissions are commensurate with an employee&#39;s job function. Access is revoked immediately upon termination or change of role.<\/span><\/p><h1 class=\"c19\" id=\"h85xjdp9qjexw\"><span class=\"c18\">Data Privacy<\/span><\/h1><p class=\"c4\"><span class=\"c1\">At Hyperspace, we are committed to protecting the privacy and personal data of all our users, no matter where you are located. We adhere to a global privacy standard based on the principles of transparency, data minimization, and user control.<\/span><\/p><h3 class=\"c4 c17\" id=\"hdta9wsnwr3bv\"><span class=\"c2\">For Our Customers in the United States<\/span><\/h3><p class=\"c4\"><span class=\"c1\">As a USA-based company, we are fully committed to complying with applicable state-level data privacy laws, with a particular focus on the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).<\/span><\/p><h3 class=\"c4 c17\" id=\"hn6myyiahyh6p\"><span class=\"c2\">For Our Customers in the European Union (EU), United Kingdom (UK), and Switzerland<\/span><\/h3><p class=\"c4\"><span class=\"c1\">Hyperspace maintains compliance with the European Union&rsquo;s General Data Protection Regulation (GDPR), the UK GDPR, and the Swiss Federal Act on Data Protection (FADP).<\/span><\/p><p class=\"c4\"><span class=\"c1\">For the transfer of personal data from the EEA, UK, and Switzerland to our US-based infrastructure, we rely on the following primary legal mechanisms:<\/span><\/p><h4 class=\"c4 c17\" id=\"hhziuw8adz1rm\"><span class=\"c25\">Standard Contractual Clauses (SCCs)<\/span><\/h4><p class=\"c4\"><span class=\"c15\">For data transfers with customers or partners we rely on the European Commission&#39;s approved Standard Contractual Clauses (SCCs). We also use these clauses in our agreements with any third-party sub-processors we may use. In line with the requirements of the <\/span><span class=\"c15 c24\">Schrems II<\/span><span class=\"c15\">&nbsp;ruling, we supplement these clauses with additional safeguards, including a Transfer Impact Assessment, to ensure that personal data remains protected with a level of security and privacy essentially equivalent to that of the GDPR.<\/span><\/p><h3 class=\"c29\" id=\"h65ajxdouhls5\"><span class=\"c2\">PCI-DSS<\/span><\/h3><p class=\"c28\"><span class=\"c1\">Hyperspace, as a card-not-present merchant, outsources all cardholder functions to a PCI-DSS Level 1 service provider. A copy of our SAQ-A is available upon request.<\/span><\/p><h2 class=\"c8\" id=\"h3tq9gb8bdmch\"><span class=\"c0\">Privacy Policy<\/span><\/h2><p class=\"c4\"><span class=\"c15\">For details on how Hyperspace handles data, please refer to our full privacy policy. You can find it at: <\/span><span class=\"c9\">hyperspace.mv\/privacy<\/span><\/p><p class=\"c4\"><span class=\"c15\">If you have any questions or concerns about your privacy, feel free to contact us directly at: <\/span><span class=\"c9\">privacy@hyperspace.mv<\/span><span class=\"c1\">.<\/span><\/p><h2 class=\"c8\" id=\"hz5bm6op9j07b\"><span class=\"c0\">Third-Party Security and Vendor Management<\/span><\/h2><p class=\"c4\"><span class=\"c1\">At Hyperspace, we recognize the risks that come with working with third-party vendors. We have a thorough process to ensure that all vendors meet our security standards before we partner with them. If a vendor doesn&#39;t meet our requirements, we won&#39;t move forward with them. We also continuously monitor and reassess the security of our selected vendors, adapting to any changes.<\/span><\/p><p class=\"c4\"><span class=\"c1\">For our core infrastructure and services, we use a select group of third-party sub-processors. We apply the same strict security evaluation process to these sub-processors as outlined in our Vendor Management Policy.<\/span><\/p><p class=\"c28\"><span class=\"c15\">The list of subprocessors, which is incorporated herein by reference and applies to both Customers and Participants (Experiences), is accessible at the following location: <\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/hyperspace.mv\/academy\/subprocessors\/\">https:\/\/hyperspace.mv\/academy\/subprocessors\/<\/a><\/span><\/p><h2 class=\"c4 c17\" id=\"huy1hnvv5qk12\"><span class=\"c0\">Responsible Disclosure Policy<\/span><\/h2><p class=\"c4\"><span class=\"c1\">At Hyperspace, we value the role of the security research community in helping us maintain a secure system. If you believe you&#39;ve found a vulnerability, we invite you to report it to us.<\/span><\/p><h3 class=\"c17 c21\" id=\"hg57a6i9c90f9\"><span class=\"c2\">How to Report a Vulnerability<\/span><\/h3><p class=\"c4\"><span class=\"c15\">Please email your findings to <\/span><span class=\"c9\">security@hyperspace.mv<\/span><span class=\"c1\">. Your report should include:<\/span><\/p><ul class=\"c13 lst-kix_rz3p43oycv74-0 start\"><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">Finding Name<\/span><span class=\"c15\">&nbsp;and <\/span><span class=\"c3\">Severity<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">Domain<\/span><span class=\"c15\">&nbsp;and <\/span><span class=\"c3\">URL<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c15\">A detailed <\/span><span class=\"c9\">Proof-of-Concept<\/span><span class=\"c1\">&nbsp;to reproduce the issue<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c9\">Evidence<\/span><span class=\"c1\">, such as screenshots or video<\/span><\/li><\/ul><h3 class=\"c21 c17\" id=\"h5jsbada9fak5\"><span class=\"c2\">General Guidelines<\/span><\/h3><ul class=\"c13 lst-kix_2szf7eexr8z3-0 start\"><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">All testing must be done within your own account.<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">We only accept solo submissions.<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Do not access, modify, or delete other people&#39;s data. Only use accounts you own or have explicit permission to use.<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Please allow us a reasonable amount of time to fix the issue before publicly disclosing it.<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Public disclosure of vulnerabilities is not currently permitted.<\/span><\/li><\/ul><h3 class=\"c21 c17\" id=\"hjeq7xhmtuttf\"><span class=\"c2\">Out-of-Scope Activities and Exclusions<\/span><\/h3><p class=\"c4\"><span class=\"c1\">Please refrain from the following activities:<\/span><\/p><ul class=\"c13 lst-kix_dpa8cp4doet4-0 start\"><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Denial of Service (DoS\/DDoS)<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Spamming or Email Bombing\/Flooding<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Social Engineering or phishing of our employees<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Physical attacks on our property<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Using automated vulnerability scanners<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Testing third-party SaaS applications<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Username\/Email enumeration<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Clickjacking<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Missing security headers (e.g., DMARC, SPF, etc.)<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">OAuth misconfigurations<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">Logout Cross-Site Request Forgery<\/span><\/li><li class=\"c4 c16 li-bullet-0\"><span class=\"c1\">EXIF and Geolocation data-related vulnerabilities<\/span><\/li><\/ul><h3 class=\"c21 c17\" id=\"hpk3o0spdj58b\"><span class=\"c2\">Rewards<\/span><\/h3><p class=\"c4\"><span class=\"c15\">While we don&#39;t offer cash rewards, we will gratefully list your name in our <\/span><span class=\"c11\"><a class=\"c6\" href=\"https:\/\/hyperspace.mv\/academy\/bug-hunters-hall-of-fame\/\">Bug Hunters Hall of Fame<\/a><\/span><span class=\"c1\">&nbsp;for valid submissions.<\/span><\/p><p class=\"c26\"><span class=\"c10\"><\/span><\/p><p class=\"c26\"><span class=\"c10\"><\/span><\/p><\/body><\/html>","protected":false},"excerpt":{"rendered":"Security is a top priority at Hyperspace and is taken seriously. This document describes the current state of security at Hyperspace. This information can change rapidly, as we are constantly improving our security and continue to build our product.Hyperspace follows industry standards and guidelines for security compliance and successfully undergoes security approvals with Fortune 500 [&hellip;]","protected":false},"author":9,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"class_list":["post-4284","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hyperspace Security Design<\/title>\n<meta name=\"description\" content=\"Hyperspace Security Design\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hyperspace Security Design\" \/>\n<meta property=\"og:description\" content=\"Hyperspace Security Design\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/\" \/>\n<meta property=\"og:site_name\" content=\"Metaverse Academy\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Hyperspacemv-Metaverse-For-Business\/61571016491364\/\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-29T13:16:21+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@learnbrite\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/hyperspace-security-design\\\/\",\"url\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/hyperspace-security-design\\\/\",\"name\":\"Hyperspace Security Design\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/#website\"},\"datePublished\":\"2022-08-24T16:19:00+00:00\",\"dateModified\":\"2025-09-29T13:16:21+00:00\",\"description\":\"Hyperspace Security Design\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/hyperspace-security-design\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/hyperspace-security-design\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/hyperspace-security-design\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hyperspace Security Design\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/#website\",\"url\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/\",\"name\":\"Hyperspace Academy\",\"description\":\"Learn to build WebXR metaverse experiences for 3D, 360, VR\\\/AR\",\"publisher\":{\"@id\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/#organization\",\"name\":\"Hyperspace Academy\",\"url\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/Hyperspace-academy-logo-0.75x-white.png\",\"contentUrl\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/Hyperspace-academy-logo-0.75x-white.png\",\"width\":225,\"height\":42,\"caption\":\"Hyperspace Academy\"},\"image\":{\"@id\":\"https:\\\/\\\/hyperspace.mv\\\/academy\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Hyperspacemv-Metaverse-For-Business\\\/61571016491364\\\/\",\"https:\\\/\\\/x.com\\\/learnbrite\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hyperspace Security Design","description":"Hyperspace Security Design","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/","og_locale":"en_US","og_type":"article","og_title":"Hyperspace Security Design","og_description":"Hyperspace Security Design","og_url":"https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/","og_site_name":"Metaverse Academy","article_publisher":"https:\/\/www.facebook.com\/people\/Hyperspacemv-Metaverse-For-Business\/61571016491364\/","article_modified_time":"2025-09-29T13:16:21+00:00","twitter_card":"summary_large_image","twitter_site":"@learnbrite","twitter_misc":{"Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/","url":"https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/","name":"Hyperspace Security Design","isPartOf":{"@id":"https:\/\/hyperspace.mv\/academy\/#website"},"datePublished":"2022-08-24T16:19:00+00:00","dateModified":"2025-09-29T13:16:21+00:00","description":"Hyperspace Security Design","breadcrumb":{"@id":"https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/hyperspace.mv\/academy\/hyperspace-security-design\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/hyperspace.mv\/academy\/"},{"@type":"ListItem","position":2,"name":"Hyperspace Security Design"}]},{"@type":"WebSite","@id":"https:\/\/hyperspace.mv\/academy\/#website","url":"https:\/\/hyperspace.mv\/academy\/","name":"Hyperspace Academy","description":"Learn to build WebXR metaverse experiences for 3D, 360, VR\/AR","publisher":{"@id":"https:\/\/hyperspace.mv\/academy\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/hyperspace.mv\/academy\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/hyperspace.mv\/academy\/#organization","name":"Hyperspace Academy","url":"https:\/\/hyperspace.mv\/academy\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hyperspace.mv\/academy\/#\/schema\/logo\/image\/","url":"https:\/\/hyperspace.mv\/academy\/wp-content\/uploads\/2022\/02\/Hyperspace-academy-logo-0.75x-white.png","contentUrl":"https:\/\/hyperspace.mv\/academy\/wp-content\/uploads\/2022\/02\/Hyperspace-academy-logo-0.75x-white.png","width":225,"height":42,"caption":"Hyperspace Academy"},"image":{"@id":"https:\/\/hyperspace.mv\/academy\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Hyperspacemv-Metaverse-For-Business\/61571016491364\/","https:\/\/x.com\/learnbrite"]}]}},"_links":{"self":[{"href":"https:\/\/hyperspace.mv\/academy\/wp-json\/wp\/v2\/pages\/4284","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hyperspace.mv\/academy\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/hyperspace.mv\/academy\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/hyperspace.mv\/academy\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/hyperspace.mv\/academy\/wp-json\/wp\/v2\/comments?post=4284"}],"version-history":[{"count":7,"href":"https:\/\/hyperspace.mv\/academy\/wp-json\/wp\/v2\/pages\/4284\/revisions"}],"predecessor-version":[{"id":5244,"href":"https:\/\/hyperspace.mv\/academy\/wp-json\/wp\/v2\/pages\/4284\/revisions\/5244"}],"wp:attachment":[{"href":"https:\/\/hyperspace.mv\/academy\/wp-json\/wp\/v2\/media?parent=4284"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}