The EuroCloud StarAudit defines several cross-process points, making sure that a high level of quality, security and availability is reached and maintained. The role of EuroCloud, as a vendor-neutral and non-profit organization, is to deliver know-how, legal orientation, quality guidance and best-practice policies for global usage.
In order to understand the relevant security aspects, it is necessary to take a look at the system architecture: this gives the entry points for the security discussion and shows the critical points of interest. The data flow starts in the field at the instrument level. Via interface devices such as gateways, this data can be transmitted into the cloud, where it is transformed into information. Within the cloud, additional data sources may be injected to gain additional information. These can arise from other Endress+Hauser systems or from customer environments such as engineering tools or ERP systems.
As security, trust and compliance are very sensitive topics, a quality audit is essential. StarAudit provided by EuroCloud (www.eurocloud.org) offers Endress+Hauser an accountable quality assessment of cloud services through a transparent and reliable certification process.
Assessed areas are:
To comply with the Quality Audit and with applicable laws and regulations, Endress+Hauser needs to consider a number of frameworks. Conclusions and requirements from these documents are applied in the software itself, but also in internal processes, operational processes and in the content of contractual documents such as the Terms of Service. The applied frameworks are:
To comply with all previously mentioned requirements, it is necessary to have proper functions & features implemented in the software. The following outlines some of the security measures that we undertake.
Encryption of passwords:
In order to keep user passwords confidential, we do not store them in plain text. On the user side, passwords are hashed with bcrypt combined with a salt and a pepper, and we save only the resulting hash in our database.
In order to support safe user identification during the usage of the software, we use a tokenized process to identify users against our cloud service. User passwords are transmitted only for token generation. This complicates scamming attempts and guarantees a safe authorization.
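The two measures above (salted and peppered password hashing, then a token used for every later request) can be sketched as follows. This is an added example, not Endress+Hauser code. It assumes an HMAC-based pepper, an HMAC-signed token with a 15-minute lifetime, and uses the Python standard library's scrypt as a stand-in for bcrypt so that it runs without third-party packages. All keys and names are constructed for illustration.

```python
import base64, hashlib, hmac, json, os, time

# Constructed secrets (assumptions): in practice the pepper and the signing
# key live outside the database, e.g. in a secrets manager or HSM.
PEPPER = b"constructed-pepper-kept-outside-the-database"
TOKEN_KEY = b"constructed-token-signing-key"

def _kdf(password, salt):
    # Pepper: keyed HMAC over the password before the slow, salted hash.
    peppered = hmac.new(PEPPER, password.encode(), hashlib.sha256).digest()
    # scrypt is a stand-in here for the bcrypt step named on the page.
    return hashlib.scrypt(peppered, salt=salt, n=2**14, r=8, p=1, dklen=32)

def hash_password(password):
    salt = os.urandom(16)                       # fresh per-user salt
    return salt.hex() + "$" + _kdf(password, salt).hex()

def verify_password(password, stored):
    salt_hex, digest_hex = stored.split("$")
    candidate = _kdf(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))

def issue_token(user, stored, password, ttl=900, now=None):
    # The password is presented once, only to obtain a token.
    if not verify_password(password, stored):
        return None
    now = time.time() if now is None else now
    claims = json.dumps({"sub": user, "exp": int(now) + ttl}).encode()
    body = base64.urlsafe_b64encode(claims)
    sig = hmac.new(TOKEN_KEY, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + sig

def check_token(token, now=None):
    # Later requests carry only the token; signature is checked before parsing.
    try:
        body, sig = token.split(".")
        expected = hmac.new(TOKEN_KEY, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig.encode(), expected.encode()):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
    except ValueError:
        return None
    now = time.time() if now is None else now
    return claims["sub"] if claims["exp"] > now else None
```

A database leak alone exposes neither the pepper nor the signing key, so stolen hashes cannot be attacked offline without also compromising the application secrets.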
Encrypted communication channels only
The communication channel to our cloud service can only be established via a secure, encrypted HTTPS connection. All payload data is thereby encrypted according to industry standards, and our cloud computers are authenticated by a certificate issued by a certificate authority that is renowned worldwide.
When accessing their account, users are able to see their past activities. The same mechanisms are used in online banking to detect possible fraudulent usage or failed login attempts.
Even in the safest environment, the event of serious security incidents may occur. Therefore we established internal processes to react as quickly as possible and to inform all affected parties to keep our customers safe from harm.
We use the strongest cloud hosting partners on the market, and only use server locations in Europe. These servers are operated under European law and jurisdiction, which is among the most stringent worldwide. Our customers can be sure that their data is subject to one of the highest data security standards worldwide.
The gateway is a critical point in the architecture, as it represents the access point from and to the user’s plant. The gateway only records data from the field and transmits it towards the cloud. In the other direction, from the cloud to the gateway, no communication is initiated. Thus all incoming ports to the gateway are blocked. The only exception is gateway software updates. In order to guarantee safe downloads, these updates are certified and checked against the original file to prevent manipulation. Software updates are installed in parallel to the running system. When the update process is completed, the gateway switches to the updated runtime and disconnects for the period of the reboot.
All customer data used by Endress+Hauser is solely owned by the customer. We reserve the right to access this data to deliver our service. If we share customer data with third-party service providers, we inform our customers about this cooperation prior to the data exchange and ensure that the service provider acts according to the given terms and guidelines.