Embedded cyber security for your OT networks

We address cyber security on every step, paying attention to the connections between legacy and future systems and the two-way data flow between everything.

TOSIBOX® OT networking solution is globally audited, patented and performs at the highest security levels in the industry. The technology is based on two-factor authentication, automatic security updates and the latest encryption technology.

TOSIBOX® is not a cloud service, but a direct VPN tunnel between the physical devices. Only trusted devices can access the network. One TOSIBOX® Lock device protects all devices behind it. All users and Keys are managed from a single console, so you can be sure that your network and data will remain encrypted and secure.

Every remote access connection, even if it is just between one user and a connected device, is the foundation for an operational networkLearn from the video how TOSIBOX® remote access works. 

TOSIBOX® OT network components with embedded cyber security

TOSIBOX® OT network connects people, edge connectivity and centralized data points with its scalable components for people devices, management, and connectivity:

  • For people: TOSIBOX® Key is a client used to access the network. The ecosystem can have several admins and numerous users using physical TOSIBOX® Keys, TOSIBOX® Mobile Client app or TOSIBOX® SoftKey software licenses.
  • For devices: TOSIBOX® Lock can be a router with firewall sharing access to devices or a software installed inside a third-party device. As the company grows, more Locks can be added to various locations.
  • For management: TOSIBOX® Hub is the platform for easy OT network and access rights management. You can limit access, add new users and objects simply by drag and drop.
  • For connectivity: The TOSIBOX® MatchMaker background service is the heart of TOSIBOX® connectivity. It helps users find the Locks that their Key has access to, no matter where the Lock or the user are located. The MatchMaker provides a global relay network that helps to establish the connection.

Embedded cyber security in TOSIBOX® OT networks

What makes TOSIBOX® so secure? 

All audits are performed according to the international standards
The information security of TOSIBOX® products, services, and operations is officially audited. The security audit was conducted by a global independent company according to the ISAE3000 Assurance Standard and the controls and content of the audit were based on the ISO 27001:2013 standard and the OpenSAMM – the Software Assurance Maturity Model.

Physical and remote matching
In mandatory first physical or remote matching process,
TOSIBOX® devices used in TOSIBOX® OT networks create a trust relationship between each other.

Two factor authentication
2FA means there are two different things required for user to authenticate and get access: Something that the user has (TOSIBOX® Key or a mobile device) and something that user knows (the password).

End-to-End encryption
A VPN connection is established directly between the TOSIBOX® devices and the data can be decrypted only at the connection end points (devices). Nobody – not even Tosibox Oy – can decrypt the data in between.

Patented connection method
This allows establishing connection even when both parties are behind firewalls or NATs. As a result, in TOSIBOX® devices there are no services that would be all the time listening or exposed to the Internet.

In addition to making our products secure, we have put a lot of effort on making them easy to use. With fewer things for users to remember and worry about, TOSIBOX® products are practically impossible to misconfigure.

No backdoors
TOSIBOX® solution has no backdoors. Also, Tosibox Oy does not retain any private keys or passwords for the products. Our technical support can access a Lock only after the user has explicitly turned on the remote support feature.

Industry standards and proven technologies
TOSIBOX® OT networking solution components use industry standards and proven technologies such the PKI/RSA crypto-system with 4k bit encryption keys, control & data channel with AES encryption with 256Bit, Diffie–Hellman key exchange and TLS sessions.

> Read more at the Security Center

Watch our webinar to learn more about embedded cyber security

We recently held a 30-minute webinar dedicated to improving cyber security in building automation. Fill in the form to watch the recording at your convenience!