Halio kiosks + surface-tokens — secure dashboard delivery
Self-hosted kiosk hardware with HMAC-signed short-lived tokens — no shared passwords, no kiosk hijacking.
Sticking dashboards on screens in non-secure rooms or vehicles usually means writing the password on a post-it and praying. Bad on its own; catastrophic when the dashboard contains live operational data.
Each kiosk gets a per-device HMAC key. Tokens rotate, are scoped to specific dashboards and carry audience claims. Dashboards reject unsigned or wrong-audience requests outright.
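A minimal sketch of the token scheme described above, added here as an example and not Halio's own code. The token layout, the claim names (`dev`, `aud`, `iat`, `exp`), the device IDs, dashboard names and keys are all assumptions constructed for illustration.

```python
import base64, hashlib, hmac, json, time

# Constructed per-device keys (assumption: one random 32-byte key provisioned per kiosk).
# Removing an entry revokes that kiosk without touching any other device.
DEVICE_KEYS = {"kiosk-van-07": b"\x11" * 32, "kiosk-lobby-01": b"\x22" * 32}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(device_id, audience, ttl=300, now=None):
    """Sign a short-lived token for one kiosk and one dashboard (the audience)."""
    now = int(time.time()) if now is None else now
    claims = {"dev": device_id, "aud": audience, "iat": now, "exp": now + ttl}
    body = _b64(json.dumps(claims, sort_keys=True, separators=(",", ":")).encode())
    tag = hmac.new(DEVICE_KEYS[device_id], body.encode(), hashlib.sha256).digest()
    return f"{body}.{_b64(tag)}"

def verify_token(token, expected_audience, now=None):
    """Dashboard-side check. Returns (True, claims) or (False, reason)."""
    now = int(time.time()) if now is None else now
    try:
        body, tag = token.split(".")
        claims = json.loads(_unb64(body))
        # "dev" is untrusted here; it only selects which key the MAC must verify under.
        key = DEVICE_KEYS[claims["dev"]]
        given = _unb64(tag)
    except (ValueError, KeyError, TypeError):
        return False, "malformed or unknown device"
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):  # constant-time comparison
        return False, "bad signature"
    # Claims are trusted only from this point on.
    if claims.get("aud") != expected_audience:
        return False, "wrong audience"
    if not isinstance(claims.get("exp"), int) or now >= claims["exp"]:
        return False, "expired"
    return True, claims
```

Each dashboard passes its own identifier as `expected_audience`, so a token lifted from one kiosk is useless against any other dashboard and stops working once `exp` passes or the device's key is removed.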
Nothing — this is a boring security pattern. Mentioning it because the *most useful* AI advice is often 'this isn't an AI problem'.
Threat model, key rotation discipline, deployment scripts.
Dashboards in vans, lobbies and back-of-house don't leak when a device gets pinched.
Earlier kiosks ran the same admin login as the back-office. One stolen tablet = full back-office breach. Won't be doing that again.
Audience-scoped, time-bounded tokens. Boring, correct, durable.
- 01 Be honest with customers when their problem isn't an AI problem.
- 02 Security plumbing is the cheapest insurance you'll buy.