We are thrilled to announce that Secomea has obtained the ISAE3402 declaration, marking a significant milestone in our commitment to providing the highest level of security for our customers.
The ISAE3402 declaration is a testament to our dedication to security and our ability to provide a safe and reliable service. It ensures that our security capabilities are fully documented and that we comply with international information security standards.
You can learn more about our approach to cybersecurity here.
The ISAE3402 declaration is an international standard for assurance reporting on controls at service organizations. The report is a comprehensive document that describes the controls in place at organizations, including policies, procedures, and safeguards, and provides an assessment of their effectiveness.
The ISAE3402 process involves a rigorous evaluation by a third-party auditor who assesses the controls in place and provides an opinion on their validity.
With this control report, Secomea has now achieved full-circle documentation of our security capabilities, particularly with our recent annual audit for IEC62443-4-2:
Before going to market/placing on the market
During maintenance/servicing product
Organizational security measures:
After delivery and throughout the lifetime
Official CVE Numbering Authority (CNA):
This level of transparency allows our customers to make informed decisions about their own security practices, including their supplier evaluation process. It also means that our customers can rest assured that we have met the highest information security standards, providing them with a robust and secure service.
The NIS2 directive is relevant to the majority of Secomea’s customers, as they must evaluate their suppliers based on the overall quality of products and cybersecurity practices of their suppliers and service providers, including secure development procedures. With the ISAE3402 declaration, we are now able to demonstrate to our customers that we meet the industry security standards and provide the assurance they need to meet NIS2 compliance.
Security is paramount at Secomea, and we’re committed to doing all we can to ensure our customers remain protected in the ever-evolving threat landscape. The documented security capabilities provided by these third party audits are essential to both IT and OT environments, ensuring comprehensive security processes that addresses both domains.
In IT environments, our customers rely on us to provide secure remote access solutions that allow them to connect to their assets without compromising security. This is especially important in the current climate where remote work is becoming more prevalent, and the attack surface is expanding. Our ISAE3402 declaration demonstrates that Secomea has implemented strong policies, procedures, and controls to ensure that our remote access solutions are secure and reliable.
In OT environments, our customers require secure remote access solutions that allow them to manage their industrial control systems (ICS) without compromising safety. This is crucial, as any unauthorized access to these systems could have catastrophic consequences. Our IEC62443-4-1 certification demonstrates that we have implemented strong security measures to protect our customers‘ ICS networks and ensure that their critical infrastructure remains safe and secure.
In summary, Secomea’s documented security capabilities are necessary to both IT and OT environments, and our recent declarations provide customers with the assurance they need to trust our services. We will continue to invest in security and work closely with customers to ensure that their security needs are met both now and in the future.
If you have any questions or would like to understand more about our processes, please do not hesitate to reach out.