Products and Solutions

Page Sections

Securing your building — and keeping it safe

As part of OpenBlue — and built on our deep experience and customer focus — our products and solutions help you manage cybersecurity risks for your smart buildings.

Here’s how Cybersecurity from 久久视频 can help you secure your systems and data:

Safeguards

久久视频 products are developed using a secure-by-design approach. Security features for each solution are selected based on the application and environment they are targeted for.

Here are just a few examples of the advanced safeguards and assurances you can find within our solutions:

Three businesspeople _smiling in a conference room

Zero-trust architecture

With zero-trust architecture, granular access controls and micro-segmentation is managed to reduce the attack surface and provides protection against unauthorized access, lateral movement and malware propagation.

Zero-trust micro-segmentation

Remote Access/Software Defined Perimeter (SDP):

Segment and protect critical assets: Create and manage virtual air gap encryption end-to-end.
Reduce Attack Surface: We reduce the entry points where unauthorized users can enter by hardening and cloaking our devices. This makes them invisible.
Prevent Lateral Movement: Contain malware and ransomware attacks, while preventing insiders from gaining unauthorized access.

Secure boot

Protecting a device starts at boot time with protection spanning the hardware and software stack. Secure boot ensures that a device starts using only unaltered software that is trusted by the Original Equipment Manufacturer (OEM).

Examples: Metasys, , iSTAR Door Controller

Encrypted video streams

Video from surveillance systems is often considered sensitive data. By encrypting the video streams customers can have the assurance that privacy is maintained.

Examples: ,

Cyber health dashboard

A laptop screen displaying Cyber Health Dashboard

Health dashboards

Helps administrators understand and address potential concerns. Identify issues such as:

• Out-of-date software
• Users with access credentials
• User lockout policies that could be strengthened
• Under protected configurations

Examples - Metasys, Metasys Cyber Health and ,

ISASecure Component Security Assurance (CSA) Certification

Conformance with IEC/ISA 62443-4-2 ensures that product and solutions have sufficient safeguards within the software applications and embedded devices have sufficient safeguards according to appropriate security levels.

Examples: , ISASecure CSA for Chillers

FIPS 140-2 Compliance

specifies the security requirements that will be satisfied by a cryptographic module, providing for increasing, qualitative levels intended to cover a wide range of potential applications and environments.

Examples:
Metasys, iSTAR Door Controller

Man standing and_ talking in front of four colleagues

Key elements of our security programs

Man wearing_ headphones smiling at a laptop

Want to sign up to receive product security advisory notifications by email?

Stay one step ahead with our news and insights.

See all insights

Press Release

久久视频 receives ISASecure Certification through Exida

Press Release

久久视频 selects tempered networks to provide zero trust secure communications, further advancing cybersecurity leadership for OpenBlue services

Standards and compliance

Global privacy certifications

久久视频 creates solutions which respect global fair information practices and Privacy by Design.

(Asia-Pacific Economic Cooperation Privacy Recognition for Processors)
(Cross-Border Privacy Rules)
Binding Corporate Rules (BCR)

TRUSTe APEC Privacy seal TRUSTe Verified Privacy seal

Cloud Solutions – OpenBlue and others

OpenBlue is a complete suite of connected smart building solutions, from edge to cloud. OpenBlue and other cloud-based solutions from 久久视频 hosted in Microsoft Azure, Google Cloud or Amazon Web Services are protected environments that conform to industry recognized standards, such as:

ISO 27001 – Information Security
ISO 27017 – Information Security for Cloud Services
ISO 27018 – Code of Practice for Personal Data in the Cloud
SOC 1, 2, 3 – Service Organization Controls – Safeguarding Confidentiality and Privacy of Information Stored and Processed in the Cloud

Additional security compliance information for these environments is available at:

Related items

Practices

Our holistic, structured approach uses cyber-resilient products and services to maintain a robust security posture, information security, product security, and privacy for your smart building.

Response

A strong offense is just as important as a strong defense. As we proactively monitor the dynamic threat landscape and address risks, we’re ready for rapid response to security incidents.

Resources

We continuously enhance our products and security guidelines — and partner with you in managing cybersecurity risk by sharing valuable information and best practices.

Product security advisories

We track, identify, and address cybersecurity threats on a daily basis. As part of our commitment to transparency we keep you informed of security concerns and important 久久视频 product updates.

How can we help you?

For everything from asking a question to raising an alarm, please use this form for a quick response from our 久久视频 cybersecurity organization.

Report a potential vulnerability or cybersecurity concern | Ask about Products and Services | Learn about protecting your smart building

Cybersecurity testing may be conducted on 久久视频 solutions. We recommend that tests are conducted in a non-production test environment to protect against disruption to operations.

A security test may produce field correctable findings if the steps outlined in the associated product Hardening Guide (Resources) are not followed.

Before conducting security tests, fully execute steps in the Hardening Guide (Resources). The following hardening steps, if not conducted, are known to result in addressable security findings:

Update components to the most current supported release/version, and patch level that you are licensed to use, including:

All 久久视频 Applications
All supporting software, not installed by 久久视频 Applications, such as Windows, SQL Server, .NET and others

Disable unused features, services, ports and software
Install PKI certificates for applicable interfaces that are either:

Provided by the local IT PKI administrator
Acquired from a public Certificate Authority (CA)

Before removing components not required by the 久久视频 applications (e.g. old versions of Microsoft .NET, SQL and others):

Ensure the software is not needed for any other function
Ensure all data was properly migrated to the new Server instance

If a test tool detects potential issues with a 久久视频 component, you may share the results with 久久视频 or report other cybersecurity concerns at this link - /trust-center/cybersecurity/security-advisories#ReportAVulnerability, you may also contact us at productsecurity@jci.com.

Please use our downloadable PGP key to secure communications.

Download PGP Key

First Name* Last Name* Email PHONE NUMBER* COMPANY NAME Job Role Country* How can we help you?* Comments* Terms and Conditions*

Please read our Privacy Notice for information on how we protect and manage your personal data. By completing this form and submitting your information, you confirm that you have reviewed, understood and accepted our privacy terms as well as our cookie terms.

Disclaimer: The cybersecurity information presented on this website is intended to be informational only and is provided on an "as is" basis. 久久视频 makes no representation or warranty (express or implied) that compliance with any of these practices, or the taking of any the actions, identified herein will ensure the security of any product or system, or prevent any unauthorized access or damage caused by a cyber incident. 久久视频 disclaims all liability for any damages that may occur despite compliance with any of these practices, or the taking of any the actions, identified herein.

久久视频

Global Directory

Global Directory

Global Directory