Complete Toolkit for Your Solution
Unrivaled Cloud-Based Security
Security is firmly at the core of every feature developed and every decision that is made regarding Device Cloud. The Etherios Cloud Security Office fiercely protects the confidentiality, integrity and availability of the Device Cloud service. With over 175 different security controls in place that takes into account frameworks including, ISO27002’s ISMS, NERCs critical infrastructure protection (CIP) guidance, Payment Card Industry PCI-DSS v2, the Cloud Security Alliance (CSA) Cloud Controls Matrix, as well as relevant HIPAA and NIST standards, Device Cloud customers are assured that there is no safer place for their data.People
Security for cloud services is a rapidly changing paradigm and we are committed to providing security controls that set the industry standard. In conjunction with the Cloud Security Alliance, of which Digi International is a corporate member, our cloud security experts are active and visible players in the data security space. Our experts regularly attend and speak at security conferences, including DefCon, Amphion Forum and ISSA, and have numerous articles published across online channels and industry journals. Our employees proudly hold certifications such as CISSP, RHCE, CCNP, MCSE, EC-COUNCIL’s Certified Security Analyst (CSA) and Certified Ethical Hacker (CEH), as well as ISO27002 Certified Lead Implementer certifications.PCI Compliance
Device Cloud has been used in PCI compliant networks. Our devices, in conjunction with standard security hardening practices, have received a passing ROC (Report on Compliance) from many top and popular QSAs.Certifications
Our systems are located in certified SSAE-16 (old SAS-70 Type II ) and ISO27001 facilities. We also maintain our own ISO27001 certified security program for Device Cloud software. Our industry-leading security practices are recognized by the community as well, as evidence by Etherios’ membership in the Center for Internet Security (CIS) and SkyHigh’s independent rating of the highest level, Enterprise Ready, for Device Cloud by Etherios. If you are a Device Cloud customer and are interested in reviewing this information and these reports, please send an email to firstname.lastname@example.org.NERC/CIP
Device Cloud helps you to meet your security compliance targets by providing to your field devices the following security functions: Centralized Device Patching, Capacity Planning, Centralized Logging, Compliance Scanning, Compliance Reporting, Change Control, Backup/Disaster Recovery , Intrusion Detection and Asset Management.HIPAA Compliance
Device Cloud is a key component of a HIPAA-compliant solution. To meet HIPAA compliance, we recommend that Device Cloud acts as a data conduit for health information. Since Device Cloud does not process health information, customers looking to implement a HIPAA solution do not need a Business Associate agreement signed, provided that they encrypt the data while it is passed through the Device Cloud.