Sessions between you and your portal are protected with in-transit
encryption using 2,048-bit or better keys and TLS 1.0 or above.
Users with modern browsers will use TLS 1.2 or 1.3.
TLS for IIoT Datareader hosted sites
TLS is enabled by default on IIoT Datareader hosted websites. You
can also select the versions of TLS that are available to your
site’s visitors. Please see our Connect your domain and SSL and
domain security pages for more detail.
Web Application and network firewalls
IIoT Datareader monitors potential attacks with several tools,
including a web application firewall and network-level
firewalling. In addition, the IIoT Datareader platform contains
Distributed Denial of Service (DDoS) prevention defenses to help
protect your site and access to your products.
Software development lifecycle (SDLC) Security
IIoT Datareader implements static code analysis tools and human
review processes in order to ensure consistent quality in our
software development practices.
Datacenter Protections
Software Security
Patch management
IIoT Datareader’s patch management process identifies and
addresses missing patches within the product infrastructure.
Server-level instrumentation ensures tracked software packages use
the appropriate versions.
Security incident response
IIoT Datareader’s security incident process flows and
investigation data sources are pre-defined during recurring
preparation activities and exercises and are refined through
investigation follow-ups. We use standard incident response
process structures to ensure that the right steps are taken at the
right time.
IIoT Datareader tests for potential vulnerabilities on a recurring
basis. We run static code analysis, and infrastructure
vulnerability scans.
Penetration testing
IIoT Datareader leverages 3rd party penetration testing firms
several times a year to test the IIoT Datareader products and
product infrastructure.
Physical security
IIoT Datareader products are hosted with cloud infrastructure
providers with SOC 2 Type II and ISO 27001 certifications, among
others. The certified protections include dedicated security
staff, strictly managed physical access control, and video
surveillance.