You need an account to access this content
Create a free account and get access to all downloads and more!
However, this connectedness also increases need for stronger security protection to prevent harmful cyber attacks. We take cyber security seriously at ComAp and continuously enhance our solutions and products with new security features to protect your data and equipment.
How we can ensure the best cyber security within our products?
That is the main question we ask ourselves when we start the development of our control products and software. As part of this process, we have developed five essential criteria for security:
All new ComAp firmware is secured by encryption.
This prevents any firmware from being uploaded into non-genuine or modified ComAp products. It also means that the controller will not accept any non-encrypted firmware when someone tries to upload it.
All communication that occurs through public networks such using Ethernet, Internet, or AirGate, is bidirectionally secured by our special ComAp ciphering technology CCS. Our proprietary ciphering technology is based on proven cryptographic algorithms.
The technology has been audited by an external security audit company, and it has successfully passed all penetration tests.
ComAp’s controllers feature brute force attack detection during the user authentication process.
If an attack is detected, the control unit is gradually blocked by prolonging the time between individual attempts to sign in, similar to a mobile phone preventing users to access the phone if the PIN is entered incorrectly too many times.
ComAp controllers use authentication of unique user accounts to ensure only authorised personnel can access your equipment and data.
All user access is logged, and any activity under a particular login is recorded. In this way all user activities in the control device are tracked, and at the same time the controller administrators have can flexibly manage access rights.
If an administrator loses access to the controller, we use a robust mechanism to retrieve the administrator's access. The mechanism is based on a digital signature unique to the controller and requires double-factor authentication.
Only ComAp can grant the access back, which helps to prevent forgery and misuse by a non-authorized person.
|ID||Version||Document title||CVSS Score||Download|
|CA-VD-001||V1||Webserver interfaces vulnerability||5.4||Link|