Continuous Improvement Marks Cradlepoint’s Security Posture for Cloud-Managed Routers
As a key supplier in a wide range of industries, Cradlepoint is working hard to build trust and transparency with our customers. Several sectors, including manufacturing, industrial control, and utilities, have been susceptible to supply chain threats. It’s why most industries are working hard to add supply chain risk to their overall risk mitigation strategies — and choosing solutions they can rely on at all times.
Transparency to Customers
We often receive security assessment questionnaires from customers who want to understand the security controls, process, and procedures we have in place. They’re hoping to better understand any potential risks associated with using Cradlepoint NetCloud for LTE communications. While questionnaires can be helpful, our best tool for educating network administrators and IT professionals about Cradlepont’s security strategy is a conversation with our knowledgeable sales team. We welcome your questions whether you’re considering Cradlepoint solutions or want to better understand how we secure the solutions you already have.
Sharing Results of Regular Security Assessments
We perform annual third-party penetration tests on our hardware, software, and cloud services – giving current and prospective customers all the information they need to make informed solution decisions.
Continuous Improvement & Accelerated Innovation
This year we launched our private bug bounty program, through Bugcrowd, which provides valuable ongoing penetration testing for a continuous R&D development model. Incenting white hat researchers all over the world to hack our solutions and identify vulnerabilities year-round, we are confident we are reducing customers’ operational risk with our solutions compared to a “point in time” penetration testing approach completed once a year through a single company.
This process accelerates the delivery of new and improved Cradlepoint NetCloud features that benefit everyone we work with.
Timely Communication of Vulnerabilities
Reporting and addressing security issues quickly is extremely important to us, because fast resolution reduces the likelihood and impact of vulnerabilities in our solutions. Our R&D, Quality Assurance and Support organizations are committed to quick turnarounds on any Cradlepoint vulnerabilities, aligned with theIR severity level based on the Common Vulnerability Scoring System (CVSS).
Our vulnerability disclosures are communicated to customers, partners, and eventually the public through our trust page and our responsible disclosure process. You can always submit a vulnerability or security concern via firstname.lastname@example.org.
Helping Lead the Way with Security Trends
In the constantly evolving world of network security, staying up to date with the latest needs and trends is crucial. To that end, we’re supporting emerging carrier security certifications of our IoT routers, including use cases focused on the world’s first responders. It’s an emerging space that truly is raising the tide of business IoT solution security maturity across the industry.
As 2020 draws near, Cradlepoint’s keen attention to and passion for new security opportunities will continue as we invest in opportunities to reduce risk for our customers.
Explore More About Trusting Cradlepoint
For a deeper exploration of the security processes built into Cradlepoint’s solutions, read our trust white paper.