Search
US
  • Products
  • Markets
  • IIoT & Solutions
  • Company
  • Resources
  • Supply Chain Software
  • my ifm
  1. moneo IIoT platform
  2. Cyber security

Cyber security from factory floor to Cloud

ifm creates a secure connection between the real and digital world

ifm’s Sensor to Cloud solution secures your system with multi-tier protection, covering both individual access point and the overall network. Using zero trust principles, Single Sign-On, data encyrption, and network segmentation, we deliver continuous monitoring, real-time threat detection, and regular updates for reliable manufacturing security.

Secure edgeGateway

The secure edgeGateway is designed to provide robust, IT-compliant remote access while maintaining strict separation and protection for OT systems. Key security features include: 

  • Dedicated IT/OT network segmentation with separate ports ensures no direct communication between networks via the gateway, while still enabling simultaneous operation on both sides.
  • Edge-level OT access control is provided via an integrated, password-protected web interface, including user rights management, automated backups, and recovery options.
  • Supports continuous software and security updates to maintain long-term system integrity.
  • Hardened operating system built for industrial-grade cybersecurity and reliability.
  • Designed for secure environments, compliant with IEC 62443-1-1 standards.

Cloud security

moneo is a secure, scalable platform for managing users, devices, and connectivity, ensuring that security and usability go hand in hand. With modern technology and security principles, ifm ensures the highest standards to protect the factory floor.

Authentication & user management

  • Single Sign-On (SSO): moneo supports Single Sign-On for advanced authentication across platforms.
  • Role-based user management: Access rights can be assigned based on roles such as AdministratorUser, or Visitor. Permissions can also be configured for specific areas within moneo, ensuring users have access only to what they need.

Device management

  • Centralized control of IoT devices: moneo offers a single platform to monitor device status, perform remote firmware updates, and onboard/offboard devices.

Secure Cloud connectivity

  • Certificate-based authentication: Each moneo|edgeGateway uses multi-level, certificate-based authentication for unique and secure access to moneo.

  • Controlled network access: Only specific ports and URLs must be open, limiting exposure and ensuring that only essential network pathways are accessible.

  • Encrypted communication: All data exchanged between the edgeGateway and moneo is encrypted using AES-256-bit TLS.

Technology powered by Microsoft Azure 

Since 2024, Microsoft and ifm have partnered to develop secure, innovative, and easily accessible solutions for our customers.

ifm signs agreement with Microsoft - ifm 

The moneo platform is hosted on Microsoft Azure, ensuring state-of-the-art security for cloud-based solutions. It also leverages a wide range of Azure’s built-in security services to enhance protection.

Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP) that safeguards cloud-based applications against cyber threats and vulnerabilities. It includes: 

  • DevSecOps integration for unified security management across multicloud and multi-pipeline environments

  • Cloud Security Posture Management (CSPM) to identify and mitigate risks before they lead to breaches

  • Cloud Workload Protection (CWPP) for securing servers, containers, storage, databases, and other workloads

Azure Firewall is a cloud-native, intelligent network security service that provides advanced threat protection for Azure cloud workloads.

  • Firewall-as-a-service with built-in high availability and unlimited scalability.
  • Inspects both east-west traffic (within a virtual network) and north-south traffic (between the network and external sources), ensuring comprehensive network security coverage.

Azure Threat Protection Intelligence provides built-in, real-time threat detection and response capabilities across Azure services. It helps identify and respond to potential security threats using Microsoft’s global threat intelligence and advanced analytics.

remoteConnect

Secure remote Access with state-of-the-art technology

remoteConnect uses advanced VPN technology to provide fast and secure remote access. With modern encryption and streamlined architecture, remoteConnect delivers high-speed, reliable, and secure connections for remote communication.

Security by design

The ifm continuous approach to Cyber-Security

IT Security Threads are constantly evolving and with the ongoing convergence of IT and OT more and more Cyber Security Actions needed to be done to protect the Machine Level. Within ifm we are constantly evolving as well, to keep the Shopfloor protected from the latest threats. 

Click on the figures to find out more 

 

Your data – your property

Who owns the data?

In accordance with the conditions set out in the General Terms and Conditions for the use of the cloud software, the customer remains the owner of the data. If ifm needs to access or process the customer’s data, it does so as a processor and follows the customer’s instructions for handling the data. Although ifm can support the customer with regard to the data, the customer still retains ownership and responsibility for their data in moneo.

Where is your data?

The data in moneo is stored in data centers provided by Microsoft. Microsoft Azure is a global cloud infrastructure provider, and ifm uses the data center services in Europe (Western Europe, Amsterdam) and the USA (East-US, Virginia) to ensure data storage and availability of the data stored in moneo.
The customer decides where the data is stored and, therefore, which local regulatory and data protection requirements will apply.

Cyber security certificates and documentation

ISO 27001 certification: Since 2012, ifm has operated an ISO27001 -certified Information Security Management System (ISMS). This international standard is the leading framework for managing information security. It ensures the confidentiality, integrity, and availability of data across ifm’s development, production, and sales processes by systematically managing security risks.

Developed in line with Federal Security Guidelines: remoteConnect is developed in accordance with the “Securing Remote Maintenance” (M 5.33) guidelines issued by the German Federal Office for Information Security (BSI).

Key security features include: 

  • Logging of all remote maintenance activities.

  • Compliance with the dual-control principle, remote access is granted only with customer approval. 

  • Authentication and role-based access control for service personnel. 

  • Encryption of all transmitted data 

TISAX compliance: TISAX (Trusted Information Security Assessment Exchange) is a key standard for ensuring information security in the automotive industry. ifm complies with TISAX requirements, which means that products such as moneo and edgeGateways are reviewed to meet the high security standards demanded by automoative manufacturers and suppliers.

Additional certificates and documentation

At ifm, we go beyond delivering high-quality products, we are committed to transparency, trust, and responsibility. Learn more about our governance practices, sustainability initiatives, and social responsibility through our reports and certifications.

➜ Reports, certificates, and portals