1. Document purpose
This document describes different areas of our Danfoss Leanheat® Monitor software. Tools and services that are being used are subject to change while the security posture of Danfoss Leanheat® Monitor will remain and improve in the future.
2. General description
Danfoss Leanheat® Monitor is a web-based cloud SCADA software application hosted in Microsoft Azure for heating, cooling, and ventilation systems. Leanheat® Monitor is built on the strong foundation of established Danfoss solutions, with new and improved features for remote monitoring, control, and optimization of your heating, cooling, and ventilation applications. A reliable and stable software solution brings you cost-effective and energy-efficient management and lays the foundations for a connected future of your energy system. Leanheat® Monitor is offered as a cloud SaaS (software as a service) solution. This means that Danfoss takes care of all maintenance, backup, and security updates of the system. Customers can access the system from any personal computer or mobile device connected to the internet. The user of Leanheat® Monitor can remotely control and monitor the parameter settings in the controllers. Reference and historical values of sensors and meters connected to the controllers can also be monitored.
3. Cloud infrastructure
From a high-level architectural viewpoint, Leanheat® Monitor is a single-page web application hosted in Microsoft Azure that also offers a secure REST API for integrations.
Internally, Leanheat® Monitor is a multitenant, cloud-native, distributed application running multiple services that perform a variety of activities.
These services run as orchestrated containers using Azure's offering for Kubernetes orchestration: Azure Kubernetes Service (AKS). Choosing a service managed by Microsoft ensures that the platform is stable and secure.
4. Cyber security
4.1 General information
The Danfoss information security program is based on the industry-recognized standard ISO 27001. Danfoss is audited against ISO 27001 but not certified, although certification is planned for 2024.
Leanheat® Monitor is a SaaS (software as a service) cloud solution hosted on Microsoft Azure’s European data center. Leanheat® Monitor uses Azure Kubernetes Service (AKS), Storage, Key vaults, and other Azure services. Microsoft Azure data centers are compliant with many physical and information security standards. For details about physical security within Microsoft Azure data centers, see Microsoft’s Compliance website.
4.2 Tenant isolation
Leanheat® Monitor is a multitenant platform in which tenants’ data is logically separated and remains inaccessible to other tenants. Access control ensures that only valid authenticated and authorized users can access the platform.
4.3 Data encryption
Leanheat® Monitor enforces the TLS (Transport Layer Security) 1.2 protocol for data in transit. By default, data at rest is encrypted using strong encryption methods (AES-256) within Microsoft Azure, MongoDB Atlas, and InfluxDB.
4.4 Data storage
Leanheat® Monitor leverages managed data storage providers for storing data. Data is stored in a MySQL relational database (provided by Microsoft Azure MySQL Database), a MongoDB cluster (provided by MongoDB Atlas, hosted in Azure), and an InfluxDB time-series database (provided by InfluxDB Cloud, hosted in Azure).
The main advantages of managed data storage providers are that their services are secure, patched, maintained, and monitored.
4.5 Data backup strategy
Data backup frequencies vary depending on the storage solution used. MongoDB Atlas has an RPO (recovery point objective) of 6 hours and a 7-day retention policy. Microsoft Azure MySQL has an RPO of less than 15 minutes and a 7-day retention policy, while InfluxDB Cloud has an RPO of 4 hours and a 100-day retention policy.
4.6 Application and service security
4.6.1 Identity management and access management
Danfoss Identity Provider (DIP) is used for authentication in the Leanheat® Monitor solution. DIP is based on the Auth0 authentication platform. With DIP, our customers can use their existing solutions, such as Active Directory, to leverage federated authentication and 2FA.
Leanheat® Monitor has an advanced user management system that makes it possible to give users access to all devices or to a limited number of devices. Besides limiting access to devices, there are five different user roles in Leanheat® Monitor, which provide a diverse set of functionalities:
- Admin
- Full
- Limited
- Basic
- Read-only
4.6.2 Internal access controls
- Infrastructure administrative privileges are restricted to an authorized set of users.
- Multi-factor authentication (MFA) is required for all infrastructure access.
- Shared accounts are prohibited.
4.7 Configuration management
Leanheat® Monitor is programmatically managed and deployed using IaC (infrastructure as code), which undergoes version control and testing as part of the automated deployment process. Permission to push code is controlled, requiring peer review and approval by infrastructure engineers.
4.8 Secure software development lifecycle (SDLC)
The Leanheat® Monitor team follows security best practices throughout the development cycle:
- Security control points at multiple phases of development.
- Source code management:
  - Version control
  - Four-eyes review principle on PRs (pull requests)
- Static application security testing (SAST)
- Vulnerability scans on third-party dependencies and libraries
- Unit, integration, and E2E (end-to-end) testing
- Automated vulnerability scans on containers
- Regular dynamic application security testing (DAST)
- Microsoft Defender for Cloud for CSPM (cloud security posture management) and security recommendations
- Microsoft WAF (web application firewall) protecting our solution
4.9 Separation of environments and duties
Production and non-production environments are separate. Developers use non-production environments solely for development and testing. Customer data is used only in the production environment.
4.10 Monitoring, logging, and alerting
The operations team continuously monitors and analyzes metrics and logs from Leanheat® Monitor environments.
- Services are monitored to ensure performance and availability.
- Application logging, performance, and observability data are gathered for event analysis and alerting. Access to these logs is provided only to employees who require access to deliver the services.
4.11 Security assessments
We use trusted third-party security firms to perform penetration testing to discover vulnerabilities. Penetration testing is performed yearly.
4.12 Incident response
Report security incidents to security@danfoss.com or use the "Report security vulnerability" link. We maintain procedures for incident alerting and response.
4.13 Security awareness training
Every year there is mandatory security awareness training for all employees to brush up on their security knowledge.