Description of Cybersecurity

All devices are protected by the Samsung Knox Suite, including Samsung phones and the Samsung Knox Manage management system. Samsung Knox is certified, including U.S. and Canadian Governments  validation of the effectiveness of cryptographic hardware: FIPS 140-3, FIPS 140-2 and Finland National Security Audit Criteria  KATAKRI (The National Security Authority in Finland). We are the only people counting solution provider that uses devices with KATAKRI certification, which is designed to to protect an authority’s classified information.

In devices all other applications except Supersight people applications  are restricted and do not have access to the Internet. The microphone and Wi-Fi are disabled. Samsung Knox prevents unauthorized access and maintains audit logs.

All actions performed on the device are automatically recorded in the Samsung Knox audit log, including remote access to the device, viewing device information, sending commands, changing profiles and transferring files. Samsung software is used to limit physically unauthorised access to device settings or physical interaction with devices at their location. In case of theft, the phone cannot even be reset to factory settings.

Security policies set for each device will override any attempts to change settings and ensure that settings cannot be changed. This multi-layered approach ensures both physical and digital security and enforces strict access control on the devices. The Samsung Knox administrator can change security policies, but any action taken after the device is installed is automatically logged in the audit log. At any time, the customer, with the assistance of our technical personnel, can review the log data recorded by the third party, Samsung Knox.

Separately agreed restrictions on remote access

If expressly agreed in writing with the customer, Supersight undertakes to remotely connect to the counting sensors without prior notice only with the following remote commands: restarting the device, updating configurations and updating software. If Supersight needs to perform other maintenance work on the counting sensors remotely,  Supersight will first contact the customer and, after obtaining permission, will remotely connect the sensor only at a time specified in writing by the customer. The customer may at any time review the remote connection log files to ensure that no unauthorised connection has been made.

Additional level of security for high-security customers

Remote access to the equipment is blocked. Only the following remote commands are possible: rebooting the device, refreshing configurations, updating software.  

 

For more information: https://www.samsungknox.com/en/knox-platform/knox-certifications