Product Security
PSSO Message
One of the most important concerns affecting the business is cybersecurity. At Koh Young Technology, we continue to be dedicated to security through design, development, use, and cooperation. To enable our customers to concentrate on what really matters: patient care, we work hard to ensure that our products, systems, and customer environments uphold security standards.
While we continue to follow security measures, we are aware that new security risks appear every day, ranging from concerted attempts to breach healthcare data to coordinated attempts to interfere with clinical or manufacturing workflows. We understand that what our customers don’t know cannot be protected. Because of this, we think cooperation and transparency are crucial. We’re enhancing cybersecurity and resilience across the sector as we forge a solid community of practice, cooperating closely with our clients, industry regulators, and security researchers.
Our Top Concerns
Design & Development Security
Industry-leading cybersecurity standards are used in the development of Koh Young products and solutions in order to ensure their security.
Use Security
Koh Young Technology products and solutions are protected and kept up to date across all platforms and locations for the duration of their intended life cycles.
Cooperation Security
To develop industry best practices, Koh Young Technology upholds a culture of openness and cooperation with customers, industry stakeholders, and reputable third parties. Contact productsecurity@kohyoung.com. Koh Young Technology maintains an ISAO membership per FDA guidelines for medical device coordinated vulnerability disclosures, contact https://members.medisao.com/vulnerability_disclosure/.
Our Framework
Koh Young Product & Solution Security Framework
Koh Young Technology integrates cybersecurity into product design, development, manufacturing, customer support, and enterprise systems processes.
For industrial products, cybersecurity integration is based on ISA/IEC 62443 intended for Industrial Automation and Control Systems (IACS). These standards are designed to help organizations secure their industrial operational technology and control system from cyber threats.
For medical products, cybersecurity integration is based on a variety of industry work products, including FDA’s pre and post market guidance, the Healthcare & Public Health Sector Coordinating Councils (HSCC) Medical Device and Health IT Joint Security Plan (JSP), the Medical Device Innovation Consortium (MDIC) threat modeling playbook, the National Institute of Standards and Technology (NIST) Cybersecurity Framework, the International Organization for Standardization (ISO) 27001, 62443, and 80001 standards.
Koh Young Product & Solution Security Procedures
The Product Security Risk Assessment includes a Threat Risk Assessment (TRA) encompassing the identification of potential threats, defining and prioritizing potential impacts, and determining countermeasures to mitigate the risk to an acceptable level.
Design Input Requirements for Security are derived from TRA countermeasures as well as the respective business regulations. For Koh Young Technology products,
Verification Validation, Security Testing, and Penetration Testing is internally referred to as internal and external third-party plans to execute the PSS Test Plan.
Customer Complaints, Vulnerability Management, Incident Response, and End of Life is internally referred to as the Incident and Vulnerability Management Plan.
Customer Security Documentation is also referred internally as the Product Security Operations Documentation.
© Koh Young Technology, Inc. 2022 and/or its subsidiaries. All rights reserved.
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-analytics | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category . |
cookielawinfo-checkbox-functional | 1 year | The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category . |
cookielawinfo-checkbox-others | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others". |
cookielawinfo-checkbox-performance | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance". |
CookieLawInfoConsent | 1 year | Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie. |
elementor | never | This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time. |
viewed_cookie_policy | 1 year | The cookie is set by the GDPR Cookie Consent plugin to store whether or not the user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
_ga | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
_ga_TPZTZ3PTPE | 2 years | This cookie is installed by Google Analytics. |
_gat_gtag_UA_111480968_1 | 1 minute | Set by Google to distinguish users. |
_gid | 1 day | Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. |
CONSENT | 2 years | YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data. |
Cookie | Duration | Description |
---|---|---|
VISITOR_INFO1_LIVE | 5 months 27 days | A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface. |
YSC | session | YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt-remote-device-id | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt.innertube::nextId | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |