Inner Range has published a Cyber Security Summary for its Integriti unified security platform, outlining the architectural decisions, certifications, and governance practices that underpin the product’s security posture. For facilities managers, IT managers, and building owners operating Integriti in Australian commercial, critical infrastructure, or high-security environments, the document is a useful reference when assessing your own compliance obligations and vendor risk position.
On-Premises Architecture and Data Ownership
One of the more practically significant points in the summary is the confirmation that Integriti is designed as an on-premises or privately hosted solution. Inner Range states explicitly that it does not and cannot remotely access or manage customer systems. For organisations subject to data sovereignty requirements — government tenants, financial services occupants, gaming venues, or any site handling sensitive personal information — this architecture removes a category of third-party risk that cloud-hosted platforms introduce. Your operational data stays within the boundary you control, and access governance remains your responsibility, not the vendor’s.
This is worth documenting in your asset register and any relevant privacy impact assessments. When a vendor cannot access your system by design rather than just by policy, that distinction matters during audits.
Certifications, Standards Alignment, and the Essential Eight
Inner Range operates as a subsidiary of Wesco Anixter, a Fortune 200 distribution and supply chain company. The summary notes that Wesco holds a range of enterprise-level certifications relevant to information security governance:
- ISO 27001 (information security management)
- ISO 20000 (IT service management)
- PCI DSS (payment card industry data security)
- Cyber Essentials (UK government-backed baseline)
- NIST 800-171 (protecting controlled unclassified information)
At the product level, Inner Range aligns the Integriti platform with the Australian Cyber Security Centre’s Essential Eight Mitigation Strategies at Maturity Level 3 — the highest maturity tier in that framework. For Australian site operators, particularly those in government supply chains or regulated industries, this alignment is directly relevant. The Essential Eight at ML3 requires, among other things, application control, patching of applications and operating systems within defined timeframes, multi-factor authentication, and restricted administrative privileges. If your Integriti deployment is part of a broader Essential Eight compliance program, the vendor’s own posture at ML3 supports — but does not substitute for — your organisation’s obligations.
The platform’s technical security controls cited in the summary include:
- Layered encryption using AES-128/256 and SSL/TLS
- Regular third-party penetration testing
- Proactive patch management and a secure software development lifecycle (SSDLC)
- Granular role-based access controls and comprehensive audit logging
- Support for established industry integration standards
The company’s internal security infrastructure includes perimeter firewalls, intrusion detection and prevention systems (IDS/IPS), a SIEM platform, and a 24×7 threat response team — standard enterprise security stack elements, but worth noting for those conducting vendor security assessments.
Operational Implications for Integriti Sites
The publication of a formal Cyber Security Summary signals that Inner Range is responding to growing demand from enterprise customers and procurement teams for documented security evidence. This is increasingly common practice across the physical security sector, driven partly by government procurement requirements and partly by the uptake of supply chain risk management frameworks in larger organisations.
If you manage an Integriti deployment, this document is worth retaining for several practical reasons:
- Vendor risk assessments: Many organisations are now required to maintain a vendor risk register. The summary provides evidence you can reference when documenting your access control platform vendor.
- Insurance and cyber resilience reviews: Cyber insurers increasingly ask about the security posture of operational technology (OT) and physical security systems. A vendor-published security summary supports your disclosure position.
- Audit readiness: If your site undergoes an internal or external security audit, having documented evidence that your access control platform aligns with recognised frameworks (Essential Eight ML3, ISO 27001, NIST SP 800-53) is directly useful.
- Penetration testing cadence: Inner Range’s reference to regular third-party penetration testing is relevant if your organisation is required to demonstrate that critical systems undergo independent security validation.
It is worth emphasising that vendor security commitments apply to the platform as shipped and supported. The security of your specific Integriti deployment also depends on how the system is configured, how network segmentation is applied, how credentials and administrator accounts are managed, and how promptly firmware and software updates are applied at your site. Vendor ML3 alignment does not automatically translate to ML3 compliance for your installation if local configuration practices do not match.
Mallen Services Perspective
As an Inner Range integration partner, Mallen Services installs and supports Integriti across a range of site types in NSW — commercial buildings, strata developments, clubs, and critical infrastructure facilities. The vendor’s published security posture aligns with what we expect from a platform we recommend to clients operating in regulated or security-conscious environments.
The on-premises architecture, in particular, is a genuine differentiator in a market where many platforms have moved toward cloud-hosted models. For clients where data residency, network isolation, or regulatory compliance is a hard requirement, knowing that Integriti keeps all operational data within your own environment — and that the vendor has no remote access pathway — is a meaningful assurance.
If you are currently reviewing your Integriti deployment against your organisation’s cybersecurity framework, or if you are in a procurement process and need to present vendor security evidence to an IT or risk team, we can assist with configuration reviews, documentation support, and network segmentation assessments. Reach out to the Mallen Services team to discuss your site’s specific requirements.
Original source: https://www.innerrange.com/post/inner-range-sets-a-new-benchmark-in-cybersecurity-with-the-integriti-platform