IT Security at INSYS icom
The iCS - VPN is a remote access service for simple and secure networking of sites, systems or mobile devices via a VPN network.
The iRM enables rollouts of device firmware, configurations, security certificates and applications including logging.
Here you get access to our Partner Portal – become a part of our network now!
INSYS icom is a digitalisation expert specialising in industrial data communication. We form the bridge between IT and OT with our core expertise in remote maintenance, remote control, condition monitoring and data networking. Our solutions are therefore often the central gateway in the communication between closed and secure networks and the wider Internet. They accordingly form a natural target for attackers, and for this reason the security of our solutions enjoys top priority.
Attacks on systems in the first place can have a variety of reasons, even if they may not be obvious at first glance.
In order to protect our solutions and customers against such attacks, at INSYS icom we maintain an IT security culture that is characterised by the terms: “Safety first“, “Security by design” and “Update it“.
In every phase of our business and at every stage of the product lifecycle, IT security plays a crucial role. The following six points form the cornerstones of our work:
From the outset, our products are developed in line with the principles of “Security by design” and “Security by default“. They are therefore characterised by the following points, among others:
Every product is only as secure as the updates it receives. This is why we at INSYS icom attach great importance to regular updates for our products:
Provision of patches for critical vulnerabilities (CVSS 9.0-10.0) immediately after availability
Patching of less critical vulnerabilities for the next planned release
Maintenance of a list of security notifications for CVEs (security advisories)
Critical infrastructures (CRITIS) are organisations or facilities with major significance for the state. However, there is no worldwide standard that is used in the field of security in critical infrastructures. That is why INSYS icom bases the development of its products on the guidelines of various international organisations and standards such as NIS, CISA, ENISA or IEC 62443. Hundreds of institutions from critical infrastructures rely on our devices and services. They are used for example in the areas of water and energy supply, from small municipal utilities to large mechanical engineering companies.
The following five tips will help you to ensure that your systems and machines are securely networked:
Prevention is better than cure – but are you really sufficiently protected against cyber attacks?
In our white paper, we discuss the topic in detail! Learn from practical examples which dangers in the area of IT security are hiding, which countermeasures are important in the case of an emergency and which elements belong in your security concept so that it doesn’t come to that in advance.
Here you will find material to support you in the KRITIS audit. In addition, you will receive an overview of penetration tests performed as well as documentation and instructions for using INSYS icom products securely.
|Products tested||Test body||Period||Status/result|
|icom OS||OpenSource Security GmbH||Q2 2021||Weak points corrected.|
|icom Connectivity Service||OpenSource Security GmbH||Q2 2021||Weak points corrected.|
|icom Router Management||OpenSource Security GmbH||Q1 2021||Weak points corrected.|
|icom OS||Customer test from the energy sector||Q1 2021||Weak points corrected.|
icom Data Suite
|T-Systems on behalf of a customer||Q4 2019||Weak points corrected.|
|icom Connectivity Service|
|Secunet on behalf of a customer from public transport||Q3 2019||"In conclusion, the system examined can be confirmed as having a generally high level of safety."|
|icom OS||Customer test from plant engineering||Q2 2019||Weak points corrected.|