Security

Prev Next

At INSYS icom, security is a cornerstone of our icom Router Management (iRM) solution. Designed for the efficient management of industrial routers, iRM adheres to the highest cybersecurity standards to ensure the protection of critical infrastructure and industrial networks. Our approach to security integrates robust software development practices, encrypted communications, comprehensive vulnerability management, and strict data protection policies.

Our software development processes follow the IEC 62443-4-1 standard, ensuring that security is embedded from the design phase through deployment. This includes:

  • Threat modeling and risk assessment to identify potential vulnerabilities early.

  • Secure coding practices to mitigate security risks.

  • Code reviews and static code analysis to detect security flaws before release.

  • Continuous security testing including penetration testing and automated security scans.

This systematic approach guarantees that iRM meets stringent industrial cybersecurity requirements and remains resilient against emerging threats.

Communication security is vital for remote device management. iRM ensures secure data transmission by adhering to the German Federal Office for Information Security (BSI TR-02102):

  • End-to-end encryption of communication channels.

  • TLS encryption for data exchanges to prevent interception and tampering.

  • Secure key management to safeguard authentication credentials and encryption keys.

By implementing these standards, we protect customer data and ensure the integrity of industrial connectivity operations.

The cloud version of iRM is hosted in a Germany-based data center certified under ISO 27001. This ensures:

  • Strict access controls and monitoring to prevent unauthorized access.

  • Redundant infrastructure for high availability and data resilience.

  • Compliance with European data protection laws, reinforcing trust in our security framework.

This high-security hosting environment ensures that iRM Cloud remains a reliable and compliant solution for customers requiring robust remote management capabilities.

We maintain a strong vulnerability and patch management strategy to address security risks promptly:

  • Regular security updates to mitigate known vulnerabilities.

  • Proactive monitoring for emerging threats and attack vectors.

  • Public security advisories to inform customers of potential risks.

  • Email notifications to ensure timely awareness of patches and security fixes.

By maintaining a transparent and responsive security posture, we enable customers to operate securely and mitigate potential cybersecurity threats effectively.

iRM is designed with privacy by design principles and does not collect any personal data. Our approach ensures:

  • Full compliance with GDPR and data protection regulations.

  • Minimal data processing to enhance privacy and security.

  • Customer control over data without unnecessary collection or storage.

With these measures in place, customers can confidently use iRM without concerns about personal data exposure.

As Cyber Resilience Act (CRA) and NIS2 Directive shape the regulatory landscape, we are committed to ensuring iRM remains compliant:

  • Alignment with CRA requirements for secure-by-design software development.

  • Incident response capabilities to meet NIS2 compliance obligations.

  • Continuous monitoring of regulatory updates to align with evolving cybersecurity mandates.

By proactively addressing these regulatory requirements, we support industrial customers in achieving compliance and enhancing their cybersecurity resilience.

We are proud to hold the TeleTrust certificate, demonstrating our commitment to high security standards and trustworthiness in industrial connectivity solutions. This certification further reinforces our dedication to ensuring cybersecurity excellence and compliance with best practices.

Security is fundamental to icom Router Management (iRM). By integrating IEC 62443-4-1 for secure software development, BSI TR-02102 for encrypted communication, ISO 27001-certified hosting, and a strong vulnerability management strategy, we ensure a secure and compliant industrial router management solution.