Protecting and securing customer data is essential to earning the trust of our users, as the growing multitude of new digital processes offers a growing attack surface to cyber criminals. Malicious software, data fraud and phishing for passwords or access credentials are only a few of the threats that users have to be protected against. Today’s Commend system security is firmly rooted in 50 years of experience in designing and perfecting Intercom security and communication technology.
Security and data protection are rooted in trust.
People will accept and use solutions and services
only if they are trustworthy.
To fend off possible attacks, Commend has made IT security in general and cyber security in particular a top priority. We are fully aware of our crucial responsibility where the safety and trustworthiness of our security and professional communication solutions are concerned. As a result, we always endeavour to communicate and demonstrate our commitment as a trustworthy market leader to promote our collective knowledge and shared experience. For this reason we develop our solutions with security and data protection in mind, so as to ensure the best possible protection of our customers’ data and infrastructures.
From the initial product design to its implementation and after-sales service, ‘Privacy and Security by Design’ is the guiding principle and solid promise to our customers that every product feature and function is tested against.
Cyber-secure on multiple levels
With cyber-crime on the rise, system hardening and the protection of on-premise Commend solutions and cloud-native Commend Symphony services against security breaches is at the forefront of our product development process. In final installations at the customer's site our “Privacy and Security by Design” approach extends to a combination of measures in four basic layers:
Physical Security – this provides physical protection to security sensitive components such as networked door call terminals and the like. Measures employed for this purpose include Commend IP Secure Connectors that cut the network connection in case of device tampering to fight off hacking attempts. For more details on Physical Security see here.
Network Security – this ensures secure network connections of on-premises components, as well as web-based and Symphony cloud-native services.
Security-controlled access to network infrastructures goes hand in hand with Data Security measures (such as point-to-point encryption) in accordance with proven norms and standards. It is precisely for this reason that the cloud native Commend Symphony platform has been developed from the start to be “secure by design” in line with Commend's holistic Privacy and Security by Design (PSBD) approach. In keeping with this commitment, Commend has also implemented an ISO/IEC 27001:2013 compliant Information Security Management System (ISMS) to keep all corporate data as well as customer and supplier information safe. See here to learn more about Network and Data Security.
Fail Safety – various measures, from automated updates to cloud-native failover strategies are used to ensure uninterrupted availability of Commend systems and services, even in case of a network connection failure. Read more about Fail Safety.
As a result, multi-level cyber security allows users to enjoy Commend service performance on the highest level.
NDAA/TAA Compliance
Commend USA is pleased to confirm that its entire product portfolio is in full compliance
with the National Defense Authorization Act (NDAA) and the Trade Agreements Act (TAA).
VULNERABILITY DISCLOSURE POLICY
THE COMMEND SECURITY ADVISORY PROGRAM
Commend International is very serious about the security of its products and services, and we greatly value the contribution of the security community. We have therefore implemented a coordinated process for disclosing security vulnerabilities.
All customers and security professionals are invited to participate and register for the Commend Security Advisory Program.
Certified to IEC 62443
World's first Intercom Company IEC 62443 certified
Secure Product Development Lifecycle
assessed and monitored according to IEC 62443-4-1.
ISO 27001 Information Security Management
Cyber Security begins at Home
At Commend, we put all our efforts to provide customers
with the best cyber security possible.
All-around Cyber Defense
Security for Products and Applications
The global security-specific hardening of local and cloud-based
Commend systems spans several basic levels.
Privacy and Security by Design
How does it Work?
The basic principle is easy: providing the best possible protection of both transferred data and ‘stationary’ data against unauthorised access in order to ensure the availability of products and services. Commend products are always designed, developed and incorporated in customer solutions in accordance with these security criteria.