SVG Sprites

Security Data and NIS2 Directive

Under the current Network and Information Systems Directive (NIS), operators of essential services (such as banks, healthcare providers, and providers of drinking water and energy) and digital service providers are required to improve their digital security and report cyber incidents. The proposed expansion of the scope covered by NIS2 now includes entities operating in the transport sector. The NIS2 directive requires entities falling in scope of NIS2 to mitigate security risks in their supplier/service provider supply chain. 

As a supplier of essential services, Dual Inventive is fully aware of our responsibility and are committed to ensuring the highest standards of information security for our customers and partners. We show this by: 

  • ISO 27001 Certification

    One of the ways we demonstrate our compliance is by holding the ISO 27001 certification, which is an internationally recognized framework for managing information security risks. This certification covers our entire organization, including our supply chain and service providers. We regularly audit and review our security policies and procedures to ensure they are aligned with the best practices and the evolving threat landscape.

  • Information Security Management System (ISMS)

    We have implemented a comprehensive ISMS that defines the roles, responsibilities, processes, and controls for managing information security across our organization. We have identified and assessed the risks to our information assets and applied appropriate measures to mitigate them, such as encryption, backup, access control, firewalls, antivirus, etc. 

  • Security Awareness Program

    We have established a security awareness program that educates our staff on the importance of information security and their obligations under the ISO 27001 standard. 

  • Business Continuity Plan

     We have developed a business continuity plan that ensures the availability and recovery of our services in case of a disruption or disaster. 

  • Information Security Officers (ISO)

     We have appointed ISOs who oversee and coordinate all aspects of information security within our organization and reports to the senior management. 

  • Encryption of Information 

    At Dual Inventive, we prioritize the security of your data. All data transfers between devices, MTinfo 3000, and the MTinfo 3000 app are encrypted to ensure the highest level of security. 

  • Storage of Information 

    We store information about devices, safety-plans, users, and companies depending on the kind of data in a dedicated type of database. All persistent data is stored encrypted. Documents uploaded to the system are first scanned in a sandbox environment by a virus scanner. Upon approval, they are moved to a separate storage physically separated per company. Any infected documents are promptly removed. 

  • Data Centres

     Unlike many companies, Dual Inventive does not use public data centres like Azure or Amazon. Instead, we use dedicated hardware (servers, storage systems, backup, power) and dedicated communication lines for mobile connectivity. Our hardware is stored in ISO 9001, 27001, and ISAE 3402 Type II certified data centres in Europe. Servers are protected at the highest physical level, and only dedicated and trained personnel can access these servers. 

  • Reliability 

    All Dual Inventive systems are set up in a redundant way with automatic failover mechanisms where possible. Communication lines from/to the devices, as well as internet connectivity, are set up in a redundant way. The measured uptime of MTinfo 3000 over the past 12 months is 99.98%, demonstrating our commitment to reliability. 

  • Sub-contractors

     Dual Inventive strives to minimize the number of subcontractors. When needed, subcontractors are selected using defined criteria. Key subcontractors are audited regularly in conformity with ISO 27001. 

  • Awareness on Security

    All Dual Inventive personnel are regularly trained on security using awareness sessions and security tests. We have a ticket system with internal SLAs in place for incident registration. Security awareness is a key topic discussed in our board meetings. 

  • Regular Audits

    Our security measures and practices are regularly audited to ensure they meet the highest standards. These audits help us identify any areas for improvement and ensure we are always up-to-date with the latest security best practices. 

    We value your trust and confidence in our services, and we are dedicated to protecting your data and privacy. If you have any questions or concerns about our information security policy or our ISO 27001 certification, please do no hesitate to contact us.

    Oisterwijk, 1 March 2024

    J. Zeeman
    CEO Dual Inventive

    L.J.M. van der Poel
    CTO Dual Inventive 

     

     


    Other Statements and Conditions

    Terms and Conditions