# WebAccess DMP Security Statement
WebAccess DMP is a robust remote management platform, providing seamless control and monitoring of your industrial networking devices. With a comprehensive range of features, from automated backups to extensive API support, the platform ensures your operations are efficient and secure. Our commitment to security underpins every aspect of WebAccess DMP.
# WebAccess DMP Server & Communication Security
All communication between WebAccess DMP servers and external networks is fully encrypted, using the latest TLS 1.3 protocol to ensure data integrity and confidentiality. Authentication and authorization between the management server and devices are secured through a mutual Public Key Infrastructure (PKI), ensuring that only authorized devices and users can access the system.
WebAccess DMP is hosted on Amazon Web Services (AWS) data centers, including those located in Frankfurt, Germany. AWS provides a highly secure, compliant, and well-governed environment, ensuring the reliability and security of your critical operations. We also employ automated systems to perform regular backups of all databases, ensuring data resilience and rapid recovery in case of any incidents.
# WebAccess DMP Account Security
We adhere to strict internal company procedures to secure user accounts, including storing salted hashes of passwords and employing standardized user management practices. Multi-factor authentication (MFA) is available, adding an extra layer of security to user access. Continuous logging and monitoring of user interactions are conducted to detect any unusual activity, ensuring that all access to devices and systems is securely managed.
# WebAccess DMP Security Development Process
Security is deeply embedded in the development of WebAccess DMP, ensuring that each update and feature release meets stringent security standards. Our approach to security in software development encompasses the following key stages:
Ongoing Security Education – Our development teams continuously engage in security education, mastering secure coding techniques, threat identification, and vulnerability management to stay ahead of evolving security challenges.
Security-Driven Design – During the design phase, we collaborate with security experts to establish clear security criteria, such as encryption methods, input validation, and access control protocols. This ensures potential vulnerabilities are identified early and mitigated effectively.
Proactive Development & Implementation – Security is integrated from the start. Our code undergoes rigorous automated scans and manual reviews throughout development to detect and address vulnerabilities in real-time, ensuring robust security at every step.
Comprehensive Testing & Feedback – After development, we perform extensive penetration testing and security audits based on predefined threat models. Feedback from these processes is crucial, driving continuous improvement in our security practices for future projects.
# Continuous Compliance and Improvement
Advantech Czech s.r.o. is committed to maintaining the highest standards of cybersecurity, aligned with the European Union’s NIS2 Directive. We are actively working towards ISO27001 certification by 2025, reflecting our dedication to enhancing the security and resilience of our critical infrastructure. Regular risk assessments, incident handling procedures, business continuity plans, and supply chain security measures are integral parts of our compliance efforts.
# Secure Remote Management
WebAccess DMP is built with security at its core, ensuring that your remote management operations are not only efficient but also thoroughly protected against evolving cyber threats. Our commitment to continuous improvement and adherence to stringent security protocols guarantees that your critical infrastructure is in safe hands.