Ensuring a safe and trustworthy IIoT solution
Security is the cornerstone of everyday operations
An extensive ISO 27001 certified Information Security Management System and the associated best practices guarantee that we always give information security the focus it deserves. Thanks to a systematic approach, we identify, prevent and defend IXON Cloud against potential vulnerabilities and we safeguard the confidentiality, integrity and availability of your business-critical information.
- No security incidents
- No data loss
- 99,9% uptime
Confidentiality, integrity & availability
- Strict access rights
Just a few developers have access to the servers and data in IXON Cloud.
- Dedicated security officer
Security officer Dylan Eikelenboom is fully committed to maintaining the security of the IXON Cloud solution.
- Your data is your property
All data stored in the IXON Cloud is the property of its users. Always available and fully exportable.
The IXON Cloud is a complex network of over 50 servers, distributed worldwide. It is structured to provide the best performance, availability and security. All servers are located in data centres which uphold the highest security standards and have obtained ISO 27001 certification.
Global data center locations of IXON Cloud.
The IXrouter only uses outgoing ports to set up a secure connection to the IXON Cloud. As a result, it is not necessary to open ports in the incoming firewall and your company network remains optimally protected.
Machine controllers like PLCs were never designed for security. Their operating systems are not updated and do not contain the latest security mechanisms. It is imperative that these controllers are never connected to a company network while linked to other devices.
With its built-in firewall, the IXrouter blocks all traffic from the WAN to the LAN ports - and vice versa - by default. These firewall settings can be adjusted according to individual needs via the IXON Cloud and pushed to your devices.
Users pose the greatest security risk for many applications. Therefore, protect your company with a highly secure login system and use two-factor authentication. As an additional layer of security, users must then enter a unique, one-time-use password that is generated by apps such as Google Authenticator.
Machine data is sent to the IXON Cloud using the lightweight and highly efficient MQTT protocol. The data is stored in a time-series database cluster, which is hosted in a data centre in Frankfurt, Germany.
This allows users to request data from a large period of time in just a few milliseconds and perform operations (such as calculating the mean value) in a quick and highly efficient manner.
Machine data: the journey from machine to IXON Cloud.
All software is tracked through an advanced software versioning management system, which has been designed for continuous integration, delivery and deployment. This method of automated testing and releasing software changes greatly reduces risks for each release and enables developers to get valuable features and improvements out fast and in a sustainable way.
The IXON Cloud is monitored 24/7 and logs are stored and analyzed on a centralized logging platform. The centralized logging platform is mainly focused on collecting information about employee actions on IXON’s systems, server performance and database requests. It uses smart intelligence to detect critical events and anomalies in real time before they affect users.
IXON’s security officer is tasked with analyzing all monitoring and logging reports in order to quickly identify and react to any performance issues, unusual server activity or unauthorized actions.
A third-party vulnerability solution scans the IXON Cloud regularly for any external vulnerabilities. Scan results are reported in a centralized overview and assessed by the security officer.
In addition, IXON’s servers are audited daily by another third party specialized in server security and system hardening. Server auditing is aimed at determining system health by detecting any internal vulnerabilities or configuration management weaknesses.