Security at every level of our solution

Fully integrated security within our routers and cloud platforms for today, tomorrow, and every day that follows.

Cybersecurity at the heart of our proposition

IT Approved

Full integration of IT security standards means little or no IT changes required. You get the ultimate solution to manage your remote solution needs with maximum control, visibility and security.

ISO 27001 certified

Both Talk2M, our cloud solution, and our gateways are part of our ISO 27001 scope. The heart of this certification is continuous improvement in terms of Information Security.

Layered Security Approach

While ease of use is important, the security, integrity, and reliability of our Talk2M cloud infrastructure and its customers' networks remains our first priority.

Close partnership with NVISO

We work closely with an independent cyber security firm to ensure our solution is adapting to the evolving security landscape. With their experience in Technology, Telecom, and Financial Services sectors along with the co-creation of the OWASP Security Verification Standard, NVISO holds us to the highest quality standards.

NVISO logo - icon

IEC 62443-4-1-certified

HMS Networks is certified according to the IEC62443-4-1:2018 standard. The certification process was performed by TÜV Rheinland to validate a secure product development lifecycle process within industrial automation and control systems.


Learn More About Our Security Approach!




NVISO_Privileged Testing Partner_PREVIEW 

A pure play cybersecurity consultancy company

NVISO is an independent professional services firm focusing exclusively on information and cyber security. From its headquarters located in Brussels, NVISO started in 2013 with its mission to safeguard organisations in critical industries from security incidents. Its proven track-record in providing cybersecurity related services for financial services (among which, all large banks in Belgium), has allowed NVISO to further expand into Europe by opening offices in Frankfurt and Munich.

NVISO invests 10% of their annual revenue into research and development. In addition, all NVISO employees are NATO cleared (level SECRET) which allows for a dedicated team that is specialized in both giving security advice and performing security assessments on products, applications and infrastructure. NVISO has created and currently teaches several SANS courses with regards to cyber security assessments (SEC599, SEC699, SEC560 & SEC577). They also co-create the OWASP Security Verification Standard and Mobile Application Security Verification Standards and lead the development of the IoT Security Verification Standard.

IT Approved

By balancing both security and ease of use, Ewon creates best-in-class remote solutions that work for both users and IT managers.

Key advantages for Factory IT Acceptance

  • Firewall Friendly: because no incoming connections are made to the device, there is no need to change firewall settings, routing policies, open ports or add exceptions. Little to no IT involvement is required. Ewon devices initiate a VPN tunnel to our Industrial Cloud VPN Servers by making an outbound connection across the factory LAN using ports that are commonly enabled (HTTPS port 443 or UDP port 1194).
  • Key Switch: thanks to the use of a Key Switch or HMI Button to the Ewon device’s digital input, the end user keeps full local control of whether the device is remotely accessible or not.
  • Connection Audit Trail: our solutions provide traceability. A connection report is available for account administrators to see which users were connected to which devices, where and when. This report can be a valuable tool to ensure that your corporate remote solution policies are being followed.
  • Multi-Factor Authentication: along with the User/Password, you can add a second layer of security with a key sent by SMS that changes at each login.

Curious to learn more about our IT accepted remote connectivity solution?


Get our Remote Access FAQ 

ISO 27001 Certified

Our ISO 27001 scope covers both Talk2M our industrial cloud solution and our gateways. Our engineers are regularly audited to ensure the highest security level of our products and services, and to offer the most secure solution with confidentiality, integrity, and availability in perfect balance.

A living security solution that continuously improves for an evolving cybersecurity landscape!

  • Our Information Security Management System (ISMS) guarantees that all security issues/threats are identified and adequately handled.
  • We identify potential vulnerabilities and security threats before they become an incident.
  • We continuously improve the organizational services and technical expertise of our engineering teams.
  • All remote connectivity within Talk2M including M2Web and eCatcher as well as the hardware and firmware of our gateways are regularly pentested.
  • Security is a key value for Ewon and so we partnered with NVISO a cybersecurity company. They assist us with the overall secure development of our products, applications and supporting Talk2M cloud infrastructure.

Layered Security Strategy

Take advantage of the best-in-class defense-in-depth approach for your remote connectivity solution. Using guidelines set forth by ISO 27002, IEC 62443-2-4 and NIST Cyber security Framework 1.0, we have developed a managed, hybrid, layered cybersecurity approach to protect your devices, network and most importantly, your industrial control systems.

Layer 1 – Ewon Router

WAN/LAN Network segregation, local device authentication, and a physical switch for enabling/disabling remote VPN access.

Layer 2 - Firewall

A comprehensive firewall that covers IP addresses, ports, and per-protocol filtering. You can also restrict access based on the user, the user group, and the site for individual or multiple devices.

Layer 3 - Traffic encryption

All remote connectivity VPN sessions are end-to-end encrypted using OpenVPN and the SSL/TLS protocols.

Layer 4 - User and access management

Unique user logins, configurable user rights to different devices, two-factor authentication, and a full connection auditing provide world-class traceability.

Layer 5 - Network infrastructure

We partner with globally redundant hosting partners which include 24/7 monitoring and are fully transparent regarding our server and services status.

Layer 6 - Policy compliance

The Ewon device/Talk2M solution enhances and is compatible with existing corporate security policies, firewall rules, and proxy server settings.


Download our guide and enjoy a secure connectivity

IEC 62443-4-1-certified

HMS Networks is certified according to the IEC62443-4-1:2018 standard. The certification process was performed by TÜV Rheinland to validate a secure product development lifecycle process within industrial automation and control systems.


Security through a certified development process


IEC62443-4-1 is part of the IEC 62443-4:2018(E) standard which specifies the process requirements for secure development of products used in industrial automation and control systems. Receiving the IEC62443-4-1 certificate is yet another step on HMS’s cyber security journey. The certificate confirms that HMS has a process in place for secure product design, technology to handle vulnerability disclosures, and the ability to transparently work with customers to help them manage security risks.

“The automation industry needs partners that can provide technology and services which protect the users’ most valuable assets,” says Timo Van´t Hoff, CPO of HMS. “When companies work with HMS, they can rest assured that we always have security in mind, and that security is continually addressed in our daily work”

The new certification was independently performed by TÜV Rheinland, and the IEC62443-4-1 certificate is adding to an expanding list of acknowledgements for HMS' success in helping customers strengthen their cybersecurity within the area of industrial automation and control systems.


Request the Talk2M security whitepaper

This whitepaper provides answers to all your question about Talk2M and the security that comes with it.

What is Talk2M?
How do you connect the machine to the Internet?
Connecting the machine and the user to Talk2M
Using the VPN connection
Security of the Talk2M System and Architecture
Availability of Talk2M servers

Request the Talk2M Security Whitepaper

Responsible Disclosure program

If you have identified a vulnerability, inform us responsibly.


Get the latest cybersecurity advisories for all the products of HMS's brands.