You need an account to access this content
Create a free account and get access to all downloads and more!
Information Security
Information Security at ComAp
At ComAp, we prioritise information and data security across all aspects of our business, including products, processes, and guidelines. We recently achieved ISO/IEC 27001, the world’s most recognised standard for information security management systems. This certification highlights our commitment to the highest standards of information security and data protection. By implementing disciplined organisational practices and resilient cybersecurity protocols, we ensure full alignment with ISO 27001 standard.
The Benefits of lSO 27001
Enhanced Trust and Confidence
Completing the ISO 27001 certification process confirmed and strengthened our information security practices, building our confidence as a trustworthy partner in all aspects of information security.
Risk Management
ComAp has established a robust security risk management system to evaluate vulnerabilities, threats, and impacts. This is further supported by a comprehensive risk assessment and treatment plan.
Compliance with Regulations
ComAp’s ISO 27001 certification ensures compliance with strict data protection regulations across industries like data centers, governmental institutions, and marine sectors.
Incident Response
ComAp has established a security incident process that includes the identification, evaluation, resolution, and communication of incidents, as well as post-incident assessment.
Improved Business Processes
Implementing ISO 27001 has streamlined information security processes at ComAp, improving service delivery through refined supplier management, physical and ICT security, and a clear responsibility matrix. ISO 27001 also ensures continuous impovement and monitoring of these processes.
Secure Development Lifecycle
ISO 27001 extends beyond IT security to include product and service development, establishing rules for specification, testing, and documentation. ComAp ensures compliance with these standards by providing comprehensive training for its teams.
Business Continuity
Business continuity is an important component of ComAp's Information Security Management System (ISMS). This is why we have implemented business continuity and disaster recovery plans to minimise disruptions for customers during security incidents.
Supplier Management
ISO 27001 certification improves supplier management by defining and enforcing stringent security requirements in contracts. This ensures compliance and enables ComAp to effectively evaluate and collaborate with ISMS-relevant suppliers on security matters.
Cyber Security in Our Products
How can we ensure the best cyber security within our products?
That is the main question we ask ourselves when we start the development of our control products and software. As part of this process, we have developed five essential criteria for security:
- Secured firmware - All new ComAp firmware is secured by encryption, preventing any firmware from being uploaded into non-genuine or modified ComAp products. Our controllers will not accept any non-encrypted firmware.
- Communication ciphering - All communication that occurs through public networks, such as Ethernet, Internet, or AirGate, is bidirectionally secured by our proprietary ComAp ciphering technology, CCS. Our proprietary ciphering technology is based on proven cryptographic algorithms.
- Protection against brute-force attack - ComAp’s controllers feature brute force attack detection during the user authentication process.
- Reliable user authentication - ComAp controllers use authentication of unique user accounts to ensure only authorised personnel can access your equipment and data.
- System security against data leakage - If an administrator loses access, we use a robust mechanism with a unique digital signature and two-factor authentication to retrieve it.
Information Security Management System Documents
Cyber Security Alerts & Advisories
| ID | Version | Document title | CVSS Score | Download |
|---|---|---|---|---|
| CA-VD-001 | V1 | Webserver interfaces vulnerability | 5.4 | Link |