Platform security
How we protect your assets
Cryptography, authentication, and audit controls protecting the data flowing between your assets and the platform.
Pointnode is an asset-monitoring platform for industrial machinery. Your assets stream live data into our platform, where your team uses it for monitoring, alarms, audit-ready history, and safety-check workflows.
This page explains how we keep that data safe: how it’s encrypted, how we make sure only your assets can talk to the platform, where the data lives, what happens if something goes wrong, and the standards we build to. If your security or IT team needs more detail than what’s here, email security@pointnode.io.
The short version
Every asset on Pointnode gets its own unique digital identity when it’s added — no shared passwords, no master keys. That identity is what proves the asset is allowed to send us data. If it’s ever compromised, we shut it off within five minutes. Every change is permanently recorded in an audit log nobody can edit. Built to the EU Cyber Resilience Act and IEC 62443.
How each asset proves who it is
When you add an asset, we issue it a unique digital certificate — think of it like a tamper-proof passport for that one piece of equipment. Here’s what happens behind the scenes:
- The asset is given a random internal ID that contains no customer information.
- We generate a fresh pair of strong cryptographic keys for that asset using industry-standard methods (ECDSA P-256, NIST-approved). The keys are unique to this one asset and are never reused.
- We sign the asset’s certificate so the platform can recognise it — equivalent to a passport stamp from a trusted authority.
- The certificate and private key are shown to you exactly once, when you add the asset. The private key never gets stored anywhere on our side. It lives on your equipment from that moment.
- Three files install on the on-asset device: the certificate, its matching private key, and a small trust bundle so the device knows it’s talking to the real Pointnode platform (not an impersonator). A fourth file is shown for your records but doesn’t go on the device.
- When the device connects to Pointnode, both sides check each other’s certificates. If anything’s wrong — wrong asset, revoked certificate, expired — the connection is refused.
Common questions
- What encryption do you use?
- Strong, modern, industry-standard. Data is encrypted on the wire with TLS 1.3 (the same standard your bank uses) and encrypted at rest with AES-256 inside our database. Your security team can ask for the cryptographic specifics — we’ll share them.
- How long are certificates valid for?
- Three years for assets in the field, ninety days for our own internal services (which auto-renew). The three-year window for field assets reflects the reality of equipment that’s physically distributed across yards and sites — the right defence is fast revocation when something goes wrong, not annual site visits to reflash every device. This approach is explicitly permitted by NIST SP 800-89 for industrial control systems with strong revocation infrastructure, which we have.
- What happens if a certificate is compromised?
- We revoke it immediately. Within five minutes, the platform stops accepting any connection using that certificate. You install a fresh certificate on the asset; the old one stays revoked forever. A dedicated incident-response runbook covers the worst-case scenarios.
- Can other customers see my data?
- No. Your data is isolated from every other customer at the database level. Even if there were a bug in our application, the database itself would refuse to return another customer’s data — the isolation is enforced one layer below the code. If Pointnode support ever needs to “operate as” your organisation to help with a ticket, it’s recorded in the audit log with the staff member’s name and timestamp.
- Where is my data stored?
- In an EU-region encrypted database. Backups are taken daily and retained for 7 days. The full list of where data is processed (and by which providers) is published at /legal/sub-processors.
- Do you have multi-factor authentication on the dashboard?
- Yes — use any standard authenticator app (Authy, Google Authenticator, 1Password, Bitwarden). Enable it under Settings → Security once signed in. We issue one-shot recovery codes at enrolment for the “lost my phone” case. We deliberately don’t support SMS-based MFA because of SIM-swap risk.
- Can I see what software you depend on?
- Yes — we publish a complete inventory of every library and dependency we ship (a Software Bill of Materials, or SBOM) at
/sbom.json. It’s regenerated on every release, so your compliance team can always pull a current list. - How do I report a security vulnerability?
- Email security@pointnode.io or follow the policy at /.well-known/security.txt. We acknowledge within two business days, triage within five, and resolve high-severity issues within thirty days. Safe-harbour applies for good-faith security researchers.
- Are you ISO 27001 / SOC 2 certified?
- Not yet — the underlying infrastructure providers we depend on all hold those certifications. We build to the EU Cyber Resilience Act and IEC 62443 as our guiding framework. Formal certification of Pointnode itself is a roadmap goal as we scale.
Records — audit trail + retention
Records is your per-asset compliance file cabinet — statutory inspections, services, pre-use checks, ad-hoc reports. Designed so that when a regulator or insurer asks “show me everything you did on this asset”, you get a complete, tamper-evident answer in seconds.
- Audit log that nobody can edit. Every change — create, edit, archive, download — writes a permanent line to the audit log. The database itself blocks edits and deletes on these lines, even for our own staff. Nobody — not your team, not Pointnode — can quietly rewrite history.
- Statutory retention, enforced. Five years for statutory inspections (LOLER, PUWER, wire rope), two years for pre-use checks — configurable per report type. Hard delete is blocked at the database; the only way to remove a record is to archive it, and archived records stay readable until their retention window passes.
- PDF attachments are protected. PDFs are served via short-lived secure links (valid for five minutes per download). Each download writes one audit-log line capturing who, what, when. Once uploaded, a PDF cannot be overwritten.
- Access scoped by role and site. Operators and site managers see only the assets at the sites they’re assigned to. Engineers and org admins see the whole organisation. Pointnode staff get cross-org access only via “operate as” mode, which is itself audit-logged. All access rules are enforced at the database level, not just in the application.
Standards and frameworks we build to
EU Cyber Resilience Act (CRA) in force Dec 2024
The CRA applies to any digital product sold in the EU. Full enforcement December 2027. The platform is built to be compliant ahead of that date.
- Secure by default (every new asset gets a unique certificate, not a shared password)
- Encryption everywhere — on the wire and at rest
- Per-user and per-asset authentication with strong access controls
- Audit logging of security-relevant events (the audit log cannot be edited)
- Published vulnerability-disclosure policy
- Software bill of materials, auto-published at
/sbom.json - Free security updates throughout the support period
- Defence in depth — multiple independent protections for every concern
IEC 62443 — industrial automation and control systems security
The connection between your asset and our platform is built to the IEC 62443-4-2 Foundational Requirements:
- Identification and authentication of every user and every device
- Per-asset certificates — no shared keys
- Per-organisation access enforcement at the database
- Verified communication integrity (encrypted, mutually authenticated)
- Per-asset network segmentation — one asset cannot reach another’s data path
- Audit log generation and timely revocation (compromised assets shut off within five minutes)
- Service availability and resilience — rate limits, buffer caps, redundant components
- Strict cryptographic key management
One-line summaries
| Encryption | Industry-standard modern cryptography — TLS 1.3 on the wire, AES-256 at rest. |
| Certificate lifetime | 3 years on customer assets, 90 days on our internal services (auto-renewed). 90-day renewal banner in the dashboard. |
| Compromised certificate | Revoked immediately; the platform stops trusting it within 5 minutes. |
| Data location | EU-region encrypted database. Your data is isolated from every other customer at the database level. |
| MFA on dashboard | Standard authenticator-app two-factor (any app: Authy, Google Authenticator, 1Password). Opt-in under Settings → Security. |
| Vulnerability disclosure | security@pointnode.io, full policy at /.well-known/security.txt |
| Software bill of materials | Auto-published at /sbom.json on every release. |
| CRA + IEC 62443 | Built to both standards; internal audit available on request. |
| ISO 27001 / SOC 2 | Our infrastructure providers are certified; certification of Pointnode itself is a roadmap goal. |
| Private key storage | Generated once when the asset is added; never stored on our side after the one-time reveal; never shown twice. Lives on your equipment from issuance. |
| Can Pointnode staff see customer data? | Only via "operate as" mode, which is fully audit-logged. Cross-customer access is blocked at the database, not just in the application. |
Last reviewed: 2026-05-24. Vulnerability disclosure policy: /.well-known/security.txt. Software Bill of Materials: /sbom.json. Already a customer? Sign in.