Protecting your machines and organizations with security by design
Security is a highly complex topic that requires specific know-how. But the burden is not entirely on your shoulders. IXON has the expertise in-house to ensure that your Industrial IoT solution is always up to speed with the latest security standards.
Security is built into IXON's foundation
Security by design
Full data privacy
Keeping your business-critical machine data safe is of utmost importance. We have all processes in place to ensure full confidentiality of your data.
Certified compliance
IXON's four promises to you:
No security incidents
We strive to have zero situations that compromise the confidentiality or integrity of our own and our customers' confidential data.
No data loss
All data we have, both internally and from our customers, should always be retrievable in case of an emergency (e.g. backups, cloud services, etc.).
99% uptime of IXON Cloud
The entire IXON Cloud, including all features and services, should be available and work correctly at least 99% of the time.
No unacceptable performance issues
All users should have a seamless experience with all aspects of the IXON Cloud. If there are any issues, it’s our top priority to resolve them.
Compliance with industry standards
IXON's management system is certified in accordance with the ISO 27001 standard, the global benchmark for information security in organizations. This certification mandates compliance with diverse requirements, including access control, cybersecurity, training and awareness, risk management, and business continuity.
IXON's management system is also certified for other standards, including ISO 9001 (quality management), ISO 27017 (cloud security) and ISO 27701 (privacy). As such, IXON is ready for the NIS2 Directive. This means that machine builders can continue to rely on IXON, also when NIS2 comes into effect.
Extensive cloud security
IXON Cloud is a scalable and secure network of over 150 servers, distributed globally among various ISO-certified hosting providers. All are situated in data centers maintaining the highest security standards.
On top of that, we have implemented all necessary cloud security measures, including:
- Encryption of traffic
- Patch management
- Vulnerability assessments
- Continuous server health monitoring
- Restricted server access
- Data back-ups
Keeping factory and machine networks secure
Our connectivity products have embedded security measures in place to meet both operational technology (OT) and IT requirements. This will keep machines secure over time, while security updates can be published remotely to save on maintenance time.
The edge gateway's firewall separates the machine from the internal factory network, so the customer's network runs no risk of cyber attacks via incoming connections to the machine. This reduces human errors and meets IT policies as no open ports are necessary.
Securing the internal organisation
Our Industrial IoT platform delivers everything needed to fully manage access to your machines and their data. With role-based access control, 2-factor authentication and audit trails, you are able to control, maintain and audit your processes and people in any circumstance.
Also for IXON itself, internal organisation security is a key topic throughout all levels of the company. We have our processes and policies in place that ensure we only deliver optimally secured products and services to our customers.
Frequently asked questions
Why is IoT and cloud security important?
IoT and cloud security are crucial because they protect sensitive machine data and ensure the integrity and availability of industrial operations. The vast amounts of machine data that industrial IoT solutions collect are a valuable asset for optimizing operations and preventing downtime. However, due to its importance it becomes a target for cyber attacks.
Robust security measures prevent unauthorized access, data breaches and ransomware attacks that lead to disruptions. IXON emphasizes a security-by-design approach, ensuring that the platform is secure from the ground up, compliant with standards like ISO 27001 and IEC 62443, and regularly audited to maintain high security standards.
How IoT security works
IoT security involves a combination of practices and technologies to protect data and systems from cyber threats. Here’s how IXON implements IoT security:
- Encryption: All data transmitted between devices and the cloud is encrypted to prevent unauthorized access.
- Firewalls and VPNs: The edge gateways include built-in firewalls and establish secure VPN tunnels to ensure that only authorized users can access the system.
- Access control: Role-based access control (RBAC) and two-factor authentication (2FA) are used to manage and restrict access to critical systems and data.
- Continuous monitoring: IXON employs continuous monitoring and regular vulnerability assessments to detect and mitigate potential security threats proactively.
- Compliance and certifications: IXON adheres to international security standards, including ISO 27001, ISO 9001, ISO 27017, ISO 27701 and IEC 62443, ensuring comprehensive security management and data privacy.
What does IXON do to avoid security breaches?
Security is ingrained throughout the entire IXON organisation. We have adopted a 'security by design' approach, meaning security is the foundation of our daily operations, and the point of departure when developing remote access and IoT solutions or rendering services to machine builders.
Cyber security is embedded into all internal processes and procedures with a comprehensive Information Security Management System (ISMS) and a Privacy Information Management System (PIMS). IXON's ISMS is certified in accordance with the ISO 27001 standard, the global benchmark for information security in organizations. This certification mandates compliance with a broad range of requirements, including access control, cyber security, training and awareness, compliance, risk management, and business continuity. Besides this, IXON is also certified for and compliant with other standards. More information about this and other security-related topics can be found in the IXON Security Guide.
Has the IXON Cloud ever been attacked?
It depends on what you consider an "attack". Some of our IXON Cloud servers are accessible via the Internet, and if you monitor the server logs, you will sometimes see behavior that might indicate an attack. This is common, and happens to basically all servers that are accessible via the Internet.
However, the thing to keep in mind is that the Internet is full of botnets that are programmed to try low-effort exploits on every IP address in use. This does not pose a security risk to you, since we at IXON have patched and barricaded our servers in such a way that we are not vulnerable to these types of automated exploits.
In the case of a "real" attack by a human instead of a bot, you are also safe. Our servers are hardened to a degree that makes it extremely unlikely that the attacker will succeed. We regularly perform penetration tests to ensure we find - and then solve - potential weaknesses before software is deployed. We also have 24/7 monitoring systems in place that detect anomalies in behavior on one of our servers.
When NIS2 is in effect, can I still use remote access and cloud software?
The short answer is: yes. The IXON Cloud, the edge gateway and the IXagent all comply with the NIS2 Directive.
NIS2 does not prohibit having external connections to and from machines and factories, nor does it limit the use of Software-as-a-Service (SaaS) solutions or the transfer of machine data within the EU. However, there is an increased emphasis on supply chain security, which underscores the importance of every vendor in the supply chain maintaining security, including your suppliers of IT equipment and software.
The main requirements for NIS2, and more, have already been addressed by our ISO 27001 certified management system. In this context, IXON already meets the NIS2 requirements even before it's turned into legislation (which is planned to happen by October 2024).
Note: It is important to understand that NIS2 compliance is a broader, organization-wide initiative. The use of IXON solutions does not absolve you as a machine builder or manufacturer from the responsibility of implementing necessary cyber security measures, since each organization has its own unique needs, risks, and requirements. On a positive note, the gateway's rapid remote maintenance capabilities, machine insight, and firewall insulation from the OT network can assist you in implementing effective risk analysis, incident handling, and business continuity policies.
What is the connection between IXON and NIS2?
The NIS2 Directive aims to reduce the risk of successful cyber attacks for many industries, including machine builders, manufacturers and their IT suppliers. The goal is to increase the digital resilience and incident response capabilities of these organizations. Local legislation per EU member state based on NIS2 will come into effect by October 2024. It is therefore important that machine builders proactively check to what extent they need to comply with the Directive. This check should also take into account if their IT suppliers are ready for NIS2, including the providers of remote access and cloud software solutions.
IXON, being ISO-certified for access control, cyber security, training and awareness, risk management, and business continuity, is ready for the NIS2 Directive. This means that you can continue to rely on IXON as one of your IT suppliers, also when NIS2 comes into effect.
I have more questions about how IXON is handling cyber security. Whom can I contact?
If you have other - or more specific - questions about how IXON is securing its solutions and its internal operations, you can reach out to your local contact at IXON. You can also reach out to our Security Officer directly, by sending an email with your questions. We will then get in touch with you shortly.