Security Policy

Cloud security at Moicon is the highest priority. As a Moicon customer, you benefit from a data center and network architecture that is built to meet the requirements of the most security-sensitive organizations.

Security of the Cloud – Moicon is responsible for protecting the infrastructure that runs all of the services offered in the Moicon Digital Twin Platform and providing you with services that you can use securely. Our security responsibility is the highest priority at Moicon, and the effectiveness of our security is regularly tested and verified by third-party auditors.

Every product, tool, and service offered by Moicon is backed by technology and practices that meet or exceed industry standards for security, monitoring, and privacy. And we're continually looking for new and better ways to ensure that every part of our network is secure.

Despite the fact that the work is difficult, our approach is straightforward: we have zero tolerance for anything less than complete security. We work with our clients on a regular basis to analyze measures and outcomes, then make the required adjustments and updates to keep everyone's company and information safe.

Security has two aspects: securing the information that your employees input into the model, as well as ensuring that no one else has access to your data in the cloud.

Both are addressed in our processes, which are specifically adapted for the manufacturing industry. All while providing maximum security and maximum successful data flow.

Systems and methods with several layers:

We update our platforms regularly

Moicon regularly releases new platform versions to update all of the customers platforms. New platform versions provide operating system, runtime, application server, and web server updates, and updates to Moicon components. Many of these platform updates include important security fixes. Moicon ensures that your Moicon environments are running on the most recent and secure platform.

Monitoring

Monitoring is an important part of maintaining the reliability, security, availability, and performance of your Moicon Digital Twin Platform. Moicon continuously monitors these services.

TLS Encryption

Moicon uses Transport Layer Security (TLS. This is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide privacy and data integrity between two or more communicating computer applications. It runs in the application layer and is itself composed of two layers: the TLS record and the TLS handshake protocols.

DNSSEC

The Domain Name System Security Extensions (DNSSEC) is a DNS feature that authenticates domain name lookup answers. It doesn't give any privacy protections for those lookups, but it does stop attackers from tampering with or poisoning DNS requests.

Sensitive data filtering (in API)

Whether it's the volume of unnecessary data returned through the API or information that reveals too much about the API endpoint, certain APIs give much too much information. This happens when an API delegates data filtering to the user interface rather than the endpoint. Moicon’s APIs only return as much data as is required to do their task.

Token based authentication [JWT Token]

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.

We sign JWT tokens using a secret (with the HMAC algorithm), so they can verify the integrity of the claims contained within it.

Once the user is logged in, a new JWT token is created. Each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token.

Strong Encryption on wire [HTTP + TLS]

HTTPS is the secure version of HTTP protocol. It leverages Transport Layer Security (TLS) that encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit which is particularly useful for private and sensitive information such as passwords, credit card numbers, and personal correspondence. Your web browser analyzes the website's security certificate and verifies it was issued by a legitimate certificate authority. To maintain 100% protection, we always force encrypted connection to our services. This ensures that if you see "https://twin.moicon.net" in your browser's address bar, you're connecting to the real Moicon website.

For security and availability, we use data center hosting partners who are SOC-2, PCI DSS, and ISO27001/ISO 27018 certified, with many levels of redundancy built in.

To identify potential security vulnerabilities, we developed intrusion detection and prevention systems.

By default, all sensitive data using Transport Layer Security (TLS) and Perfect Forward Secrecy (PFS).

We conduct penetration testing to maintain the perimeter secure and identify security issues.

We keep a close eye on critical parameters in order to optimize availability and performance. Elastic scaling, geo-redundancy, and fault tolerance are all features of our infrastructure.

For guaranteed data loss protection, we perform daily backups of all systems and services, both local and external, with a 30-day retention period.

All important systems in our systems have built-in fault tolerance, which means there is no single point of failure.

Our worldwide monitoring system uses best-in-class tools like Sentry to cover all layers of technical infrastructure.

Our team responds to requests 24/7, including weekends and holidays, uses an escalation structure to ensure that the relevant individuals are notified and issues are resolved fast.

Our infrastructure is scalable, allowing us to simply extend and shrink our resource pool in response to higher load inputs.

To offer the service you require, our data collecting and processing procedures require the least amount of information possible.

Personally identifiable data

You have the right to revoke your consent to access or use at any time.

Third-party access

Every partner complies with Moicon's privacy policies and standards.

Data access, use, storage

We collect as little data as possible.

We adhere to all industry regulations, including the EU General Data Protection Regulation (GDPR), which took effect on May 25, 2018. Moicon examined and upgraded our internal legal review process in preparation, ensuring GDPR compliance while maintaining our security safeguards. We also provided training to privacy personnel and employees, as well as assistance to our partners in preparing for GDPR implementation.

We only collect the information needed for fulfillment and processing, and we only use it for the purposes outlined in our Privacy Policy.

For fulfillment and processing purposes, we keep personally identifiable data for the shortest time possible.

Personal data is processed in a legal, fair, and transparent manner. We strive to provide information regarding the purposes, methods, and volumes of personal data processing as easy to find as feasible.

When you ask us to erase or correct faulty personal data, we do it right away. You have the right to request that Moicon amend your incorrect personal data without excessive delay.

You have the option to refuse to disclose personally identifiable data with Moicon, or to withdraw your permission to the processing of personal data and request the removal of information, however this may limit our ability to provide certain features and functionality.

You may request that Moicon erase your personal data that you previously provided to us, and we will do so as soon as possible if the data is no longer required for processing purposes.

By contacting us at support@moicon.net, you can review and opt out of receiving personalized adverts and sharing your information with third parties for direct marketing reasons at any time.

We require all third parties having access to personal data to process that data in accordance with our Privacy Policy (for reasons such as web hosting, order fulfillment, data analysis, and reporting). We only allow a restricted use of this information, and we expect these parties to take reasonable precautions to protect it.