Protecting your machines and organisations with security by design
Security is a highly complex topic that requires specific know-how. But the burden is not entirely on your shoulders. IXON has the expertise in-house to ensure that your Industrial IoT solution is always up to speed with the latest security standards.
Security is built into IXON's foundation
IXON's four promises to you:
Compliance with industry standards
IXON's management system is certified in accordance with the ISO 27001 standard, the global benchmark for information security in organizations. This certification mandates compliance with diverse requirements, including access control, cybersecurity, training and awareness, risk management, and business continuity.
IXON's management system is also certified for other standards, including ISO 9001 (quality management), ISO 27017 (cloud security) and ISO 27701 (privacy). As such, IXON is ready for the NIS2 Directive. This means that machine builders can continue to rely on IXON, also when NIS2 comes into effect.
Extensive cloud security
IXON Cloud is a scalable and secure network of over 150 servers, distributed globally among various ISO-certified hosting providers. All are situated in data centers maintaining the highest security standards.
On top of that, we have implemented all necessary cloud security measures, including:
- Encryption of traffic
- Patch management
- Vulnerability assessments
- Continuous server health monitoring
- Restricted server access
- Data back-ups
Keeping factory and machine networks secure
Our connectivity products have embedded security measures in place to meet both operational technology (OT) and IT requirements. This will keep machines secure over time, while security updates can be published remotely to save on maintenance time.
The IXrouter’s firewall separates the machine from the internal factory network, so the customer's network runs no risk of cyber attacks via incoming connections to the machine. This reduces human errors and meets IT policies as no open ports are necessary.
Securing the internal organisation
Our Industrial IoT platform delivers everything needed to fully manage access to your machines and their data. With role-based access control, 2-factor authentication and audit trails, you are able to control, maintain and audit your processes and people in any circumstance.
Also for IXON itself, internal organisation security is a key topic throughout all levels of the company. We have our processes and policies in place that ensure we only deliver optimally secured products and services to our customers.
Frequently asked questions
When NIS2 is in effect, can I still use remote access and cloud software?
The short answer is: yes. The IXON Cloud, the IXrouter and the IXagent all comply with the NIS2 Directive.
NIS2 does not prohibit having external connections to and from machines and factories, nor does it limit the use of Software-as-a-Service (SaaS) solutions or the transfer of machine data within the EU. However, there is an increased emphasis on supply chain security, which underscores the importance of every vendor in the supply chain maintaining security, including your suppliers of IT equipment and software.
The main requirements for NIS2, and more, have already been addressed by our ISO 27001 certified management system. In this context, IXON already meets the NIS2 requirements even before it's turned into legislation (which is planned to happen by October 2024).
Note: It is important to understand that NIS2 compliance is a broader, organization-wide initiative. The use of IXON solutions does not absolve you as a machine builder or manufacturer from the responsibility of implementing necessary cyber security measures, since each organization has its own unique needs, risks, and requirements. On a positive note, the IXrouter's rapid remote maintenance capabilities, machine insight, and firewall insulation from the OT network can assist you in implementing effective risk analysis, incident handling, and business continuity policies.
What is the connection between IXON and NIS2?
The NIS2 Directive aims to reduce the risk of successful cyber attacks for many industries, including machine builders, manufacturers and their IT suppliers. The goal is to increase the digital resilience and incident response capabilities of these organizations. Local legislation per EU member state based on NIS2 will come into effect by October 2024. It is therefore important that machine builders proactively check to what extent they need to comply with the Directive. This check should also take into account if their IT suppliers are ready for NIS2, including the providers of remote access and cloud software solutions.
IXON, being ISO-certified for access control, cyber security, training and awareness, risk management, and business continuity is ready for the NIS2 Directive. This means that you can continue to rely on IXON as one of your IT suppliers, also when NIS2 comes into effect.
What does IXON do to avoid security breaches?
Security is ingrained throughout the entire IXON organisation. We have adopted a 'security by design' approach, meaning security is the foundation of our daily operations, and the point of departure when developing remote access and IoT solutions or rendering services to machine builders.
Cyber security is embedded into all internal processes and procedures with a comprehensive Information Security Management System (ISMS) and a Privacy Information Management System (PIMS). IXON's ISMS is certified in accordance with the ISO 27001 standard, the global benchmark for information security in organizations. This certification mandates compliance with a broad range of requirements, including access control, cyber security, training and awareness, compliance, risk management, and business continuity. Besides this, IXON is also certified for and compliant with other standards. More information about this and other security-related topics can be found in the IXON Security Guide.
Has the IXON Cloud ever been attacked?
It depends on what you consider an "attack". Some of our IXON Cloud servers are accessible via the Internet, and if you monitor the server logs, you will sometimes see behavior that might indicate an attack. This is common, and happens to basically all servers that are accessible via the Internet.
However, the thing to keep in mind is that the Internet is full of botnets that are programmed to try low-effort exploits on every IP address in use. This does not pose a security risk to you, since we at IXON have patched and barricaded our servers in such a way that we are not vulnerable to these types of automated exploits.
In the case of a "real" attack by a human instead of a bot, you are also safe. Our servers are hardened to a degree that makes it extremely unlikely that the attacker will succeed. We regularly perform penetration tests to ensure we find - and then solve - potential weaknesses before software is deployed. We also have 24/7 monitoring systems in place that detect anomalies in behavior on any of our servers.
I have more questions about how IXON is handling cyber security. Whom can I contact?
If you have other - or more specific - questions about how IXON is securing its solutions and its internal operations, you can reach out to your local contact at IXON. You can also reach out to our Security Officer directly, by sending an email with your questions. We will then get in touch with you shortly.