Df-OS Logo
Enterprise Security

Security At Df-OS

At Df-OS, security is built into every layer of our system. From IoT-connected shop floors to digital workflows, our platform is designed with a security-first mindset to ensure your manufacturing telemetry remains private, protected, and compliant. We adhere to globally recognized standards and continuously invest in secure infrastructure, active threat monitoring, and robust gateways.

Request Security WhitepaperAbout Us
Certifications & Compliance

Security Compliance You Can Trust

We validate our controls regularly through independent third-party audits to maintain compliance with global standards.

AICPA SOC 2 Type II Logo

SOC 2 Type II

Security & Confidentiality

Our SOC 2 Type II examination audits the operational effectiveness of our security and confidentiality controls, assuring the protection of customer data.

ISO/IEC 27001 Certified Logo

ISO/IEC 27001

Information Security Management

Our ISO/IEC 27001 certification validates our Information Security Management System (ISMS), confirming strict security practices across our software development and corporate operations.

Security Architecture

OT-to-IT Multi-Layer Security

Explore how Df-OS isolates industrial machinery and safely channels operational telemetry.

Protocol Breakdown

Isolated Shopfloor Machine Network

Direct shopfloor devices (such as PLCs, DCS, and sensors) reside in a local physical or virtual network segment isolated from the corporate network and the Internet. Communication from Df-OS uses read-only operational telemetry protocols (OPC-UA, Modbus, MQTT-SN) without direct writing permissions, preventing external hardware overrides.

Security Control Enabled & Verified
Security Practices

Enterprise Data Safeguards

We leverage leading security frameworks and practices to lock down internal operations.

Data Encryption

Industrial telemetry is encrypted using AES-256 at rest and TLS 1.3 in transit. Dynamic session tokens and rotating cryptographic keys shield all internal API channels.

Encryption

Identity & SSO

Full SAML 2.0 and OIDC support allows you to link Df-OS with Active Directory, Okta, or Google Workspace. Role-Based Access Controls (RBAC) secure shift authorisations.

IAM

Vulnerability Management

We perform weekly automated vulnerability scans, static (SAST) and dynamic (DAST) code audits, and bi-annual independent third-party penetration testing.

Threat Audits

Data Residency & Localization

Region-specific cloud nodes support localized data storage to meet strict GDPR, DPDP Act 2023, and corporate data residency compliance guidelines.

Data Privacy
Security FAQ

Security & Integration FAQs

Df-OS utilizes Hectos Edge Gateways equipped with dual network interface cards (NICs) to physically segment networks. One NIC connects to the isolated machine network (OT), and the second NIC connects to the corporate network (IT). The gateway acts as a one-way telemetry forwarder; it reads PLC metrics using standard read-only protocols and transmits them outwards. Because no inbound traffic is allowed into the OT network, your machinery is completely shielded from external software threats.
Security Review

Request a Technical Audit

Need to evaluate Df-OS's security controls for your compliance board? Book a dedicated session with our solutions architects to review our network isolation mechanisms and audit logs.

Book a Security CallPlatform Login