How Commend Ensures Secure, Trusted Communication

When we began to envision Symphony as a Cloud-native platform for our solutions, we knew two things for sure:

First, launching a new platform based on the latest powerful Cloud technology enables an unprecedented level of serviceability, scalability, user convenience and cyber-security – in other words, trusted Commend communication at its very best!

Second, this project would be the starting point for a shift to a completely new, truly agile way of planning, designing, securing and yes, even operating our customers’ Symphony solutions. The principle behind it is called ‘DevSecOps’ (short for Development – Security – Operations). Simply put, it means “We build it. We Operate it. We are responsible for security.” Users won’t have to purchase and operate their own on-premise system; with a Symphony service package everything – including cyber-protection and security – is taken care of on the Symphony Cloud platform.

The DevSecOps approach allows Commend’s developers to leverage powerful controls and processes to provide cyber-security at a level and speed that was unheard of only a few years ago:

• Security-relevant features can be developed and tested on a full-range test system. And if necessary, changes can be rolled back instantly at the click of a mouse!
• This enables extremely thorough, fast and efficient cyber-security testing (pen tests, threat analysis, etc.) in a variety of scenarios, down to the last database query and configuration detail.
• As a result, security issues can be addressed quickly and efficiently from within the system instead of applying patches or hotfixes on top of it: this is powerful ‘Security by Design’ as it’s meant to be!
• IEC 62443 enhanced processes for software component analysis, source code review and security monitoring help us to ensure permanent cyber risk assessment. During the recent log4j vulnerability scare, for example, it took us little time to relieve our customer’s uncertainties with the fully detailed, coordinated processes of our Security Advisory Program.
• With all tests successfully completed, the entire test system can be mirrored immediately to the productive Symphony Cloud environment. This way, full system updates can be rolled out instantly, so users can benefit immediately from reinforced cyber-defence without having to move a finger.

If you want to profit too and would like to further explore the world of Symphony services, get in touch with your local Commend partner, who will also be happy to arrange for a personal demonstration.