Rest easy with a security partner
you can rely on

IoT and cloud security are crucial because they protect sensitive machine data and ensure the integrity and availability of industrial operations. The vast amounts of machine data that industrial IoT solutions collect are a valuable asset for optimizing operations and preventing downtime. However, due to its importance it becomes a target for cyber attacks. 

Ensuring robust security measures prevents unauthorized access, data breaches and ransomware attacks, leading to disruptions. IXON emphasizes a security-by-design approach, ensuring that the platform is secure from the ground up, compliant with standards like ISO 27001 and IEC 62443, and regularly audited to maintain high security standards​.

IoT security involves a combination of practices and technologies to protect data and systems from cyber threats. Here’s how IXON implements IoT security:

• Encryption: All data transmitted between devices and the cloud is encrypted to prevent unauthorized access.
• Firewalls and VPNs: The edge gateways include built-in firewalls and establish secure VPN tunnels to ensure that only authorized users can access the system.
• Access control: Role-based access control (RBAC) and two-factor authentication (2FA) are used to manage and restrict access to critical systems and data.
• Continuous monitoring: IXON employs continuous monitoring and regular vulnerability assessments to detect and mitigate potential security threats proactively.
• Compliance and certifications: IXON adheres to international security standards, including ISO 27001, ISO 9001, ISO 27017, ISO 27701 and IEC 62443, ensuring comprehensive security management and data privacy​​.

Security is ingrained throughout the entire IXON organisation. We have adopted a 'security by design' approach, meaning security is the foundation of our daily operations, and the point of departure when developing remote access and IoT solutions or rendering services to machine builders.

Cyber security is embedded into all internal processes and procedures with a comprehensive Information Security Management System (ISMS) and a Privacy Information Management System (PIMS). IXON's ISMS is certified in accordance with the ISO 27001 standard, the global benchmark for information security in organizations. This certification mandates compliance with a broad range of requirements, including access control, cyber security, training and awareness, compliance, risk management, and business continuity. Besides this, IXON is also certified for and compliant with other standards. More information about this and other security-related topics can be found in the IXON Security Guide.

It depends on what you consider an "attack". Some of our IXON Cloud servers are accessible via the Internet, and if you monitor the server logs, you will sometimes see behavior that might indicate an attack. This is common, and happens to basically all servers that are accessible via the Internet.

However, the thing to keep in mind is that the Internet is full of botnets that are programmed to try low-effort exploits on every IP address in use. This does not pose a security risk to you, since we at IXON have patched and barricaded our servers in such a way that we are not vulnerable to these type of automated exploits. 

In the case of a "real" attack by a human instead of a bot, you are also safe. Our servers are hardened to a degree that makes it extremely unlikely that the attacker will succeed. We regularly perform penetration tests to ensure we find - and then solve - potential weaknesses before software is deployed. We also have 24/7 monitoring systems in place that detect anomalies in behavior on one of our servers.

The short answer is: yes. The IXON Cloud, the edge gateway and the IXagent all comply with the NIS2 Directive.

NIS2 does not prohibit having external connections to and from machines and factories, nor does it limit the use of Software-as-a-Service (SaaS) solutions or the transfer of machine data within the EU. However, there is an increased emphasis on supply chain security, which underscores the importance of every vendor in the supply chain maintaining security, including your suppliers of IT equipment and software.

The main requirements for NIS2, and more, have already been addressed by our ISO 27001 certified management system. In this context, IXON already meets the NIS2 requirements even before it's turned into legislation (which is planned to happen by October 2024).

Note: It is important to understand that NIS2 compliance is a broader, organization-wide initiative. The use of IXON solutions does not absolve you as machine builder or manufacturer from the responsibility of implementing necessary cyber security measures, since each organization has its own unique needs, risks, and requirements. On a positive note, the gateway's rapid remote maintenance capabilities, machine insight, and firewall insulation from the OT network can assist you in implementing effective risk analysis, incident handling, and business continuity policies.

The NIS2 Directive aims to reduce the risk of successful cyber attacks for many industries, including machine builders, manufacturers and their IT suppliers. The goal is to increase the digital resilience and incident response capabilities of these organizations. Local legislation per EU member state based on NIS2 will come into effect by October 2024. It is therefore important that machine builders proactively check to what extent they need to comply with the Directive. This check should also take into account if their IT suppliers are ready for NIS2, including the providers of remote access and cloud software solutions.

IXON, being ISO-certified for access control, cyber security, training and awareness, risk management, and business continuity is ready for the NIS2 Directive. This means that you can continue to rely on IXON as one of your IT suppliers, also when NIS2 comes into effect.

If you have other - or more specific - questions about how IXON is securing its solutions and its internal operations, you can reach out to your local contact at IXON. You can also reach out to our Security Officer directly, by sending an email with your questions. We will then get in touch with you shortly.