Security & Compliance
Security is foundational to CSP. Protection of data, devices, and integrations is embedded in the platform’s architecture and reinforced through structured processes and independent validation.
A Structured Approach to Platform Protection
Security is treated as an ongoing discipline. Safeguards are integrated throughout the platform lifecycle, from design and development to deployment and operation, focusing on prevention, validation, and continuous improvement.
A Secure Foundation from the Start
Security considerations guide every architectural decision, enabling safe integration with enterprise systems such as email and calendars while maintaining strict control over access and data flow.
Core Security Controls
01
Strictly controlled device connections
Limited access points reduce potential attack surfaces.
02
End-to-end encryption
All data transfers and firmware updates are encrypted.
03
Network security integration
802.1X authentication ensures only authorized devices connect.
04
Power over Ethernet (PoE)
Encourages secure, wired connections over wireless reliance.
Addressing Common
Security Questions
Has the platform ever been hacked?
To date, there have been no known or reported breaches. Any potential vulnerabilities are identified and mitigated through internal controls and external validation.
Are there security risks?
As with any connected system, risks exist. CSP is designed with layered controls and continuous monitoring.
How do we test for vulnerabilities?
Through integrated development testing and independent third-party assessments.
Security Measures & External Validation
We believe that robust security requires continuous oversight, external verification, and adherence to industry best practices.
1. Ongoing Risk Assessments
- Secure coding training for developers
- Code reviews and automated vulnerability scanning
- Third-party risk assessments
Certus Operations collaborates with a leading Nordic cybersecurity firm to conduct:
- Security training and coaching
- Formal and informal system reviews
- Penetration testing and vulnerability assessments
2. Industry-Recognized Expertise
Our security program is supported by senior cybersecurity professionals with advanced certifications across offensive security, auditing, and enterprise defense.
Certifications include:
CISSP, CISM, CISA • OSCP, GPEN • CEH, GCED, CySA+ • GICSP
Our external partner maintains:
- ISO 9001, ISO 14001, ISO 27001 certification
- Membership in FIRST, Trusted Introducer, and IT Security Made in EU
Built-In Protection & Secure Architecture
CSP employs layered protections to minimize risk and ensure data integrity.
01
End-to-end encryption
TLS secures all sensitive data and firmware updates.
02
Electronic Signatures
Verifies software authenticity and backend communication.
03
Modern Authentication Standards
OAuth and other secure login protocols.
04
Restricted Device Access
Limited and monitored connections.
Continuous Security Enhancement
01
Secure coding practices, reviews, and vulnerability scanning
02
Continuous refinement, including threat modeling
Transparency & Customer Confidence
We provide transparency into our security posture so customers and partners
can make informed decisions.
Available documentation:
Penetration test executive summaries
Security whitepapers
Release notes detailing security updates
Documentation is shared through licensees.
Certus Operations does not provide direct end-user support.