Unrivaled Cloud-Based Security

Device Cloud

Unrivaled Cloud-Based Security

Security is firmly at the core of every feature developed and every decision that is made regarding Device Cloud. The Etherios Cloud Security Office fiercely protects the confidentiality, integrity and availability of the Device Cloud service. With over 175 different security controls in place that takes into account frameworks including, ISO27002’s ISMS, NERCs critical infrastructure protection (CIP) guidance, Payment Card Industry PCI-DSS v2, the Cloud Security Alliance (CSA) Cloud Controls Matrix, as well as relevant HIPAA and NIST standards, Device Cloud customers are assured that there is no safer place for their data.

People

Security for cloud services is a rapidly changing paradigm and we are committed to providing security controls that set the industry standard. In conjunction with the Cloud Security Alliance, of which Digi International is a corporate member. Our cloud security experts are active and visible players in the data security space, regularly attending and speaking at security conferences, including DefCon, Amphion Forum and ISSA, and have numerous articles published across online channels and industry journals. Our employees proudly hold certifications such as CISSP, RHCE, CCNP, MCSE, EC-COUNCIL’s Certified Security Analyst (CSA) and Certified Ethical Hacker (CEH), as well as ISO27002 Certified Lead Implementer certifications.

PCI Compliance

Device Cloud has been used in PCI compliant networks. Our devices, in conjunction with standard security hardening practices, have received a passing ROC (Report on Compliance) from many top and popular QSAs.

Certifications

Our systems are located in certified SSAE-16 (old SAS-70 Type II ) and ISO27001 facilities. We also maintain our own ISO27001 certified security program for Device Cloud software. If you are a Device Cloud customer and are interested in reviewing this information and these reports, please send an email to cloud.security@etherios.com.

NERC/CIP

Device Cloud helps you to meet your security compliance targets by providing to your field devices the following security functions: Centralized Device Patching, Capacity Planning, Centralized Logging, Compliance Scanning, Compliance Reporting, Change Control, Backup/Disaster Recovery , Intrusion Detection and Asset Management.

HIPAA Compliance

Device Cloud is a key component of a HIPAA-compliant solution. To meet HIPAA compliance, we recommend that Device Cloud acts as a data conduit for health information. Since Device Cloud does not process health information, customers looking to implement a HIPAA solution do not need a Business Associate agreement signed, provided that they encrypt the data while it is passed through the Device Cloud.

Have questions about Device Cloud security?

FAQ Email
Proudly partnered with