It is an essential part of the Telex Quality Promise that we provide product security and protect our customers’ privacy throughout the entire product life cycle. To achieve this Telex established a global Product Security Team and made security an integral part of Telex’s processes. The Product Security Incident Response Team (PSIRT) is the central point of contact for external security researchers, partners, and customers to report security concerns related to products of Telex.
Apache Log4j Vulnerability
We are aware of the Apache Log4j Vulnerability (CVE-2021-44228) “Log4Shell”.
Our Remote Portal and Cloud Analytics Services are all patched to a non-vulnerable version of Log4j and were not impacted.
Product Security throughout the life cycle of Telex's products & services
In order to provide secure and reliable products for our customers, we have established security and data protection as fundamental requirements of our products during the entire life cycle.
Security with Supplier
We have high quality requirements for purchased products. To ensure security of purchased products, modules and components we evaluate each supplier with respect to product security, as an integral part of our purchasing process.
Security Engineering Process
Security Engineering Process is a core part in our product development. Whenever we develop a new product, we conduct a comprehensive Threat and Risk Analysis, and create an individual Security Concept for the product and its integration into a complete solution. During design phase and before release we ensure product security by comprehensive testing (security and penetration tests). Any following updates, patches or upgrades will undergo the same rigorous tests, and will only be deployed once they have proven to be secure.
Vulnerability & Incident Management
Because requirements are constantly changing, 100% security is never guaranteed. Therefore a structured Vulnerability and Incident Management Process is established to professionally manage potential product security vulnerabilities and incidents.