IT security

IT Security at INSYS icom

INSYS icom is a digitalisation expert specialising in industrial data communication. We form the bridge between IT and OT with our core expertise in remote maintenance, remote control, condition monitoring and data networking. Our solutions are therefore often the central gateway in the communication between closed and secure networks and the wider Internet. They accordingly form a natural target for attackers, and for this reason the security of our solutions enjoys top priority.

Attacks on systems in the first place can have a variety of reasons, even if they may not be obvious at first glance.

Due to the high security standards of the icom OS routers, INSYS icom has been awarded the trust mark "IT Security made in Germany".

The reasons for attacks are varied;

  • Extortion: disruption of production processes, which is only lifted against payment of a ransom
  • Industrial espionage: theft of business-critical information and know-how
  • Political motivation: attacks on critical infrastructure as part of a “cyber war”
  • Demonstration of power: causing maximum damage without a specific goal
  • Exposure of vulnerabilities: attacks to improve the resilience of systems. Attackers are predominantly friendly and cooperative.

In order to protect our solutions and customers against such attacks, at INSYS icom we maintain an IT security culture that is characterised by the terms: “Safety first“, “Security by design” and “Update it“.

Attacks against digitalised systems in industry have the most diverse motives. INSYS icom provides corresponding concepts for the greatest possible security.
Even during the development of a new product, the highest value is placed on security against attacks. Regular testing and the exclusive use of ISO27001-certified data centres ensure the necessary IT security even after production.

„Safety first“ – security as the basis for our actions

In every phase of our business and at every stage of the product lifecycle, IT security plays a crucial role. The following six points form the cornerstones of our work:

  • All components (hardware, firmware and web services) are from a single source and are developed by our specialists in Germany.
  • We regularly have the IT security of our products validated through penetration tests and resistance analyses.
  • Our web services are operated exclusively in ISO27001-certified data centres.
  • We regularly update all security-relevant open source libraries.
  • We rigorously use automated software testing on nightly builds with thousands of test cases.
24/7 monitoring of the services as well as a uniform, encrypted and signed firmware on all devices already ensures the highest IT security during product design.

„Security by Design“ – security from the word ‘go’

From the outset, our products are developed in line with the principles of “Security by design” and “Security by default“. They are therefore characterised by the following points, among others:

  • Easy configuration of secure authentication procedures
  • Hardened firmware for a minimal attack surface
  • Uniform firmware across all devices
  • Encrypted and signed firmware
  • Container applications completely isolated from the firmware
  • Support for the latest encryption standards
  • Automated updates via icom Router Management or update server
  • Comprehensive 24/7 monitoring of all managed services
Regular updates and immediate reactions to detected security vulnerabilities demonstrate the great emphasis on IT security at INSYS icom.

“Update it” – our update policy

Every product is only as secure as the updates it receives. This is why we at INSYS icom attach great importance to regular updates for our products:

null
icom OS Router operating system
  • 6 updates per year
  • cycle: every 8 weeks
  • Security patches are available for at least a further 8 years
null
icom Connectivity Service
  • Continuous updates; on average one update per month
null
icom Router Management
  • Cloud: continuous updates; on average one update per month
  • onPremises: continuous updates
null
Response to security vulnerabilities & patch management

Provision of patches for critical vulnerabilities (CVSS 9.0-10.0) immediately after availability
Patching of less critical vulnerabilities for the next planned release
Maintenance of a list of security notifications for CVEs (security advisories)

At home in critical infrastructures (KRITIS)

Critical infrastructures (CRITIS) are organisations or facilities with major significance for the state. However, there is no worldwide standard that is used in the field of security in critical infrastructures. That is why INSYS icom bases the development of its products on the guidelines of various international organisations and standards such as NIS, CISA, ENISA or IEC 62443. Hundreds of institutions from critical infrastructures rely on our devices and services. They are used for example in the areas of water and energy supply, from small municipal utilities to large mechanical engineering companies.

Due to their importance for the state community, organisations in critical infrastructures have the highest requirements for the security of the products used. INSYS icom solutions are excellently suited for this.

How to keep your facilities safe in five steps

The following five tips will help you to ensure that your systems and machines are securely networked:

  • Secure your application according to our IT Security Guide.
  • Install updates as quickly as possible after they become available. The best way to do this is to use our icom Router Management and subscribe to our Release Notes.
  • Make your employees aware of security issues: “social engineering” plays a major role in 19% of all successful cyber attacks.
  • Make sure that the components and products used are handled professionally. This will help you avoid faulty configurations.
  • Choose a secure authentication procedure, e.g. certificate-based authentication with your own CA or a RADIUS server.

White paper “Preventive security concepts for the IIoT”

Prevention is better than cure – but are you really sufficiently protected against cyber attacks?

In our white paper, we discuss the topic in detail! Learn from practical examples which dangers in the area of IT security are hiding, which countermeasures are important in the case of an emergency and which elements belong in your security concept so that it doesn’t come to that in advance.

Als Premiumhersteller von industriellen Routern, Modems und Gateways legt INSYS icom höchsten Wert auf IT-Sicherheit.

Links, certificates and penetration tests

Here you will find material to support you in the KRITIS audit. In addition, you will receive an overview of penetration tests performed as well as documentation and instructions for using INSYS icom products securely.

Online form for security advisories

Do you have any questions about the IT security of products? Send a message to our ISB/CISO at [email protected] or use the following secure online form.

Menu

Minimise your risk when it comes to IT security!

Learn more about preventive security concepts for the IIoT now.