SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Secure data center control room shield lock resilient infra
#
Firewalls
#
Data Protection
#
DR

Opengear achieves SOC 2, ISO 27001 security double

Thu, 18th Dec 2025
Author image
By Catherine Knowles, News Editor

Opengear has secured SOC 2 Type 2 and ISO 27001 certification across its products, systems and operations, placing the infrastructure management specialist among a smaller group of vendors that hold both security attestations for their network management environments.

The company said the certifications strengthen the security underpinnings of its independent management plane, which enterprises and service providers use to maintain access to critical network equipment during outages and other disruptions.

SOC 2 is an auditing framework developed by the American Institute of Certified Public Accountants that assesses controls for security, availability, processing integrity, confidentiality and privacy. Type 2 reports cover the design and operating effectiveness of controls over a defined period. ISO 27001 is an international standard for information security management systems.

Opengear said the dual certification means its practices now meet independently verified global standards in areas that include security, availability and confidentiality. It said this aligns the business with a select group of infrastructure management providers that have attained the same combination of attestations.

Audit scope

Independent assessors reviewed Opengear's practices across several operational domains. The audit work covered access governance, data protection, system monitoring, risk management and oversight of third-party vendors.

The certifications confirm that Opengear maintains consistent and systematic security processes across engineering, firmware development, internal systems and enterprise operations. The company said this structure protects sensitive information that flows through its development and support environment.

Opengear also said the findings validate that its security controls are in place and operating over time, rather than only at a single point. That distinction reflects the Type 2 nature of the SOC 2 report.

Customer impact

The company framed the certifications as a risk and compliance development for customers that rely on its remote management hardware and Lighthouse management software.

Opengear said SOC 2 and ISO 27001 reduce vendor risk for customers by aligning its controls with recognised industry baselines. It said this gives procurement and security teams independent documentation they can use during due diligence and ongoing vendor management.

The company stated that the attestations can also simplify compliance and procurement processes inside customer organisations. Customers can reference the reports during their own audits and regulatory assessments.

Opengear said this provides assurance that its network management infrastructure is protected by audited security controls that span the organisation. This covers how it designs and maintains products and how it runs its internal business systems.

"These certifications affirm that security is embedded into every part of how Opengear operates," said Patrick Quirk, President of Opengear. "It is not only our products and hardware that meet these standards. Our processes, our systems, and the way we run the business every day reflect a deep commitment to protecting customer environments."

Regulated sectors

Opengear said organisations in regulated industries, such as finance or critical infrastructure, face stricter scrutiny of vendors that support sensitive environments. These organisations often manage highly distributed infrastructure, including branch networks, retail locations and remote industrial sites.

The company said customers in these sectors can rely on its systems for secure and reliable access to critical network equipment when production networks are unavailable. That includes use during remote recovery, planned maintenance windows and incident response.

Opengear positions its platform as an independent management plane that remains accessible during primary network failures. The company said the new certifications reinforce this role in customers' resilience strategies.

Group strategy

Opengear is part of Digi International, which has pursued a broader security certification programme across its portfolio.

Digi recently announced SOC 2 Type 2 attestation for its Digi Remote Manager and Genesis services. SmartSense by Digi has also achieved SOC 2 Type 2 certification.

Opengear said its own certifications support this wider security strategy inside the parent group. It said the work strengthens the base for future attestations and ongoing operational improvements.

"It is not only our products and hardware that meet these standards. Our processes, our systems, and the way we run the business every day reflect a deep commitment to protecting customer environments," said Quirk.

Related stories
Data Privacy Day spotlight on control, resilience, design
AI surge exposes cloud security gaps, report warns
Retail & wholesale hit by exposed shared credentials
Misconfigured cloud training labs open paths to attacks
CrowdStrike secures ISO 42001 AI governance standard

Top stories

GitHub unveils Copilot SDK to power AI agent workflows
Preparing campus and branch networks for AI demand
EU Cybersecurity Act revamp targets high risk vendors
Experts warn AI era demands tougher data protection
AppOmni study pegs average SaaS breach at USD $1.365m