EcoStruxure IT Security Handbook

Application security

 

Schneider Electric is committed to securely develop and test against security threats to ensure cstomer data safety. Furthermore, Schneider Electric continuously employs a rotating number of 3rd party certified hackers to perform detailed penetration tests of the entire EcoStruxure IT platform.

 

Security training

All new EcoStruxure IT software developers attend a mandatory security training which is given upon hire and every year after that. Additionally, they can choose to enroll in a White Hat Hacker training to receive the Ethical Hacker certification.

 

Peer review

Any change to the EcoStruxure IT platform is subjected to a mandatory peer review where code and infrastructure changes are reviewed by at least one other engineer in order to validate code quality, security and performance.

 

All changes are tracked using a version control system (GIT) to ensure history, traceability and audit tracking.

 

Separate Environment

EcoStruxure IT testing environments are physically isolated from the Production environment.

 

Application vulnerabilities

 

Dynamic Vulnerability Scanning

Schneider Electric uses several third-party security tools to continuously dynamically scan the EcoStruxure IT platform for vulnerabilities. Schneider Electric maintains a committed security team to handle results and work with engineering teams to remediate issues.

 

Static Code Analysis

All changes to source code are continuously scanned for bugs, security and license issues via static analysis tooling. Any source code change which doesn’t meet the EcoStruxure IT standards will be returned to the development team for improvement.

 

Third Party Security Penetration Testing

Schneider Electric continuously employs a rotating number of third party certified hackers to perform detailed penetration tests on all components of EcoStruxure IT (gateway, mobile and web app).

When new features are released, mission statements are handed to security experts to verify feature security. 

Learn more about our security test report sharing policy

 

Incident Response

The Schneider Electric Corporate Product Cyber Emergency Response Team (CPCERT) has defined vulnerability management processes to ensure efficient incident response.

To report an incident, please contact your local Customer Care Center and include:

 

• Product line
• Vulnerable version
• Vulnerability type [CWE ID, if available]
• Organization name
• Email adress
• Phone number
• Country

 

If you’re a researcher, please report a cybersecurity vulnerability here.

 

All vulnerability disclosures are reported on the Schneider Electric Cybersecurity Support Portal.

 

XSS Protection (Incident Validation)

In accordance with industry best practices, we use strict procedures for output sanitization of all user input. This is enforced in part by static code analysis and also by using well known, tried and tested third party frameworks.

 

Product security features

 

The EcoStruxure IT platform is security hardened with a mandatory two-factor authentication and high encryption standards. Your data is securely transported to the EcoStruxure IT platform using the EcoStruxure IT Gateway, which uses an outbound connection to ensure no one can compromise your environment.

 

It is best practice to keep operating systems and browsers up to date and patched regularly in accordance to vendor recommendations. 

 

Authentication security

 

Password policy

The EcoStruxure IT password policy requires:

 

• At least 8 characters in length.
• At least 3 of the following 4 types of characters:
  • Lower case letters (a-z),
  • Upper case letters (A-Z),
  • Numbers (i.e. 0-9),
  • Special characters (e.g. !@#$%^&* )
• No more than 2 identical characters in a row (i.e. “aaa” not allowed)

 

EcoStruxure IT will validate your password, as long as it is not one of the 10,000 most common passwords and that it is not the first part of your email address.

 

Please note that your password will not expire according to recommended password policies by NIST & National Cyber Security Centre in the UK.

 

Multifactor Authentication

Multifactor authentication provides another layer of security to your EcoStruxure IT account, making it more challenging for somebody else to sign in as you.

 

Multifactor authentication is turned on for all logins to EcoStruxure IT, whether you are a customer, partner or Schneider Electric employee.

 

Schneider Electric advises you to use the EcoStruxure IT app for second factor authentication or a 3rd-party authenticator app. Though it is possible to use short-lived one time SMS tokens as a last resort, it is not recommended.

 

Secure Credential Storage

Schneider Electric follows secure credential storage best practices by never storing EcoStruxure IT passwords in clear text format, and only as the result of a bcrypt secure, salted hash.

 

Passwords are decoupled from the internal platform and saved using Auth0, a solution recommended by authentication management experts.

 

Failed Login Attempts

Schneider Electric enforces brute force protection for EcoStruxure IT. You will be blocked from logging in to your account if you have entered a wrong password for more than 10 times from the same IP address. You will then receive instructions on how to unblock the IP address from EcoStruxure IT via email.

 

Schneider Electric enforces rate limits as well. If you attempt to log in 20 times per minute as the same user from the same location, regardless of having the correct credentials, the rate limit will apply. You will then only be able to make 10 attempts per minute.

 

EcoStruxure IT Gateway Security

 

Outbound Connection

Schneider Electric is committed to keeping your data secure and private, even before it leaves your site. All connections from the EcoStruxure IT Gateway to our cloud are validated using an industry standard 2048 bit RSA certificate and data is encrypted in transit using 256 bit AES encryption.

 

To avoid compromising the security of your site, the EcoStruxure IT Gateway uses an outbound connection through Port 443, and only communicates to EcoStruxure IT cloud using 40.84.62.190, 23.99.90.28, 52.230.227.202, 52.177.161.233, and 52.154.163.222.

 

The communication from this outbound connection is always initiated by the Gateway. The Gateway connects to our cloud at regular intervals to check for messages, and then performs actions based on those messages. 

Infographic: Learn more about how EcoStruxure IT applies updates to your infrastructure

 

Authentication

All requests coming from the Gateway are signed using a unique private key created on installation and stored in the gateway, making it impossible to impersonate it.

 

Auto Updates

The EcoStruxure IT Gateway features an auto-update functionality ensuring that the software security patching happens automatically and that the Gateway is always up-to-date.

During the update, the Gateway continues to communicate sensor data and alarms to the cloud, minimizing downtime.

 

See EcoStruxure IT Gateway Security Handbook 

 

Data privacy

 

Schneider Electric ensures the privacy and integrity of your data at all times. It is committed to complying with its obligations under the GDPR. EcoStruxure IT only uses machine data to optimize your experience with the platform – guaranteeing the confidentiality of your personal data.

 

Privacy Policy

Learn more about privacy at Schneider Electric

 

GDPR

The General Data Protection Regulation (“GDPR”) addresses the processing of personal data and the free movement of that data. Its goal is to strengthen the security and protection of personal data in the EU and to harmonize EU data protection law.

This regulation sets out a number of data protection principles and requirements which must be adhered to when personal data is processed.

 

Schneider Electric is committed to complying with its obligations under the GDPR. Schneider Electric shares personal information with 3rd party data processors on a need-to-know basis.

 

Learn more about what personal data is shared with subprocessors and subcontractors

 

Personal Data Handling and Storage

Schneider Electric collects sensor data and alarms from critical infrastructure devices that you choose to share with us. Schneider Electric only collects data about the performance of your equipment and metadata, such as where it’s located and how old it is.

 

Before being committed to storage, your data is tagged as yours. Your data is segregated from other customers data by a unique identifier, which the system uses to ensure proper matching of data. In addition, the cloud engine keeps a complete audit trail of the data received and the data processing, so we can always retrace our steps and see where your data has been and what it has been used for.

 

EcoStruxure IT does not access any data stored on your servers or storage, or monitor any traffic passed through your network. Data is stored on Microsoft Azure in the United States. 

 

EcoStruxure IT Privacy Notice

 

Personal Data Use

Firstly, Schneider Electric processes and stores data for you, so it’s available to you anywhere in the world through the EcoStruxure IT app. But more importantly, sharing your data with Schneider Electric allows us to optimize the services and products we provide, to help you optimize your data center, and to enable you to benchmark yourself with peers worldwide.

 

Automatic Personal Data Deletion

When you deactivate your EcoStruxure IT account, our system automatically deletes your personal data for login. A historical record is kept for marketing purposes that is deleted after three years.

 

Data center and network security

 

Physical security

 

Facilities

The EcoStruxure IT servers are hosted in the United States on the Microsoft Azure Cloud, which is ISO 27001, HIPAA, FedRAMP, SOC 1, and SOC 2 certified. 

Learn more about Microsoft Azure facilities, premises and physical security

 

Network security

 

Logical Access

Access to the EcoStruxure IT Production Network is restricted by an explicit need-to-know basis, utilizes least privilege, is monitored, and is controlled by our Operations Team. Employees accessing the EcoStruxure IT Production Network are required to use multiple factors of authentication.

 

DDoS

As EcoStruxure IT is running on Microsoft Azure, Schneider Electric leverages their always-on traffic monitoring, and real-time mitigation of common network-level attacks, providing the same defenses utilized by Microsoft’s online services.

 

Third Party Security Penetration Testing

Schneider Electric continuously employs a rotating number of 3rd party certified hackers to perform detailed penetration tests of the entire EcoStruxure IT platform. 

Learn more about our security test report sharing policy

 

Monitoring

EcoStruxure IT is maintained and operated by a core DevOps team with extremely high standards for cyber security and data privacy. All parts of the EcoStruxure IT system are continuously monitored and scanned for potential security vulnerabilities or privacy issues.

The DevOps team is on-call 24/7 and able to react promptly to newly discovered threats or issues.

 

Encryption

 

Encryption in Transit

All connections to the EcoStruxure IT cloud are validated using an industry standard 2048 bit RSA certificate and data is encrypted in transit using 256 bit AES encryption.

For Android versions prior to 7.0, Schneider Electric can only guarantee 128 bit AES encryption due to limitations in the Android platform.

 

Encryption at Rest

EcoStruxure IT data is encrypted using 256 bit AES encryption.

 

Availability and Continuity

 

Uptime

EcoStruxure IT maintains a publicly available system-status webpage which includes system availability details, scheduled maintenance, service incident history, and relevant security events.

 

Redundancy

All components of the EcoStruxure IT platform are deployed in high availability configuration to eliminate single point of failure. All data is backed up to separate storage to prevent data loss.

 

Subprocessors and subcontractors for EcoStruxure IT

 

To support the delivery of EcoStruxure IT services, Schneider Electric uses subprocessors that may store and process personal data on users and subscribers to EcoStruxure IT services cloud solutions.

 

Subprocessors Personal Data

 

Entity name	Purpose	Entity country
Auth0	Auth0 provides a universal authentication and authorization platform for web and mobile. EcoStruxure IT uses Auth0 as identity provider.   For this purpose user name, e-mail, telephone number, IP address and login log information are stored in Auth0.	USA
Cloudflare	Cloudflare provides a global content delivery network, web application firewall and protection from distributed denial of service attack.   EcoStruxure IT uses Cloudflare to protect the service against malicious attacks.	Global
Google	Google provides address lookups. EcoStruxure IT uses Google to do address lookups when adding new locations.	Global
MapTiler	MapTiler provides customizable maps. EcoStruxure IT uses MapTiler to show maps to users of customer locations.   MapTiler is supported by OpenStreetMap.	Switzerland
Segment	Segment is a single platform that collects, stores and routes user data to other tools. EcoStruxure IT uses segment to route analytics and event tracking of user behaviour to Totango.   For that purpose Segment stores the name, e-mail, and IP address of the user.	USA
SendGrid	SendGrid is an e-mail service provider. EcoStruxure IT uses SendGrid to send invitations, machine data reports, and password resets.   For logging purposes SendGrid stores e-mail address and information on whether the e-mail has been delivered and opened.	USA
Totango	Totango Inc. provide customer success software. EcoStruxure IT uses Totango to gain insights and analytics on customer behaviour and adaption as well as to send newsletters and updates to users.   Totango stores e-mails and phone numbers of users.	USA
Twilio, Inc.	The EcoStruxure IT uses Twilio to send authentication tokens to end-users who have chosen SMS based two-factor authentication.   For this purpose Twilio has access to the users telephone number in order to send authentication tokens via SMS.   Twilio is also used to send alarm push notifications. For this purpose Twilio has access to the content of the alarm notification.	USA
Salesforce	Salesforce provides cloud-based customer support services. EcoStruxure IT uses Salesforce as a ticketing system for registering customer incidents.   For that purpose Salesforce has access to and stores company/account name, names of users, e-mail, phone number, and information on incidents (alarms and ticket updates).	USA
Slack	Slack is an instant messaging program used for organizational communication. EcoStruxure IT uses Slack to publish customer feedback.   For that purpose Slack stores company/account names, names of users, and subscription information.	USA

 

Subprocessors Hosting

 

Entity Name	Purpose	Entity Country
Amazon Web Services	Amazon Web Services provide cloud hosting services.	USA
Microsoft Azure	Microsoft Azure provide cloud hosting services. Microsoft Azure is our primary cloud hosting services provider.	USA