Statement of Compliance
5367 New Peachtree Road, Suite 150, Chamblee, GA 30341
Introduction
Kamado Joe is committed to the highest standards of product security, ensuring that our smart grilling devices, mobile apps, and web services meet stringent security protocols in alignment with the UK Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023 (PSTI). This Statement of Compliance details our practices and adherence to the NIST 8259A guidelines, ETSI EN 303 645 requirements, and general PSTI requirements.
Compliance Overview
Our products are designed to comply with all applicable regulations. We ensure:
- Device Identification and Management: Each device features unique identification and secure management practices, adhering to both the NIST 8259A and ETSI EN 303 645 specifications.
- Secure Configuration: Devices are configured securely using encrypted communications and robust unique authentication methods.
- Data Protection: We enforce encrypted communications and rigorous data protection standards.
- Logical Access Control: Access to device interfaces is tightly controlled through secure APIs, unique passwords, and physical device protections.
- Software Update Processes: Firmware updates are securely managed, with user consent required for each update.
- Cybersecurity Awareness: We maintain high levels of security awareness through continuous monitoring, regular code reviews, and the integration of advanced security tools.
Product Specific Compliance
| Product Name | Compliance Status | Minimum Security Update and Support Period |
|---|---|---|
| Konnected Joe - North America KJ15041123 |
NIST 8259A / ETSI EN 303 645 / PSTI 2023 | May 2025 |
| Konnected Joe - International KJ15041523 |
NIST 8259A / ETSI EN 303 645 / PSTI 2023 | May 2025 |
| Pellet Joe - US KJ15260020 |
NIST 8259A / ETSI EN 303 645 / PSTI 2023 | May 2025 |
| Pellet Joe - International KJ15260120 |
NIST 8259A / ETSI EN 303 645 / PSTI 2023 | May 2025 |
Compliance Documentation
Detailed compliance documents for each product or regulation are available and continuously updated to reflect the latest security practices and regulatory requirements. These documents can be requested within 5 business days by emailing security@middlebyoutdoor.com.
Vulnerability Disclosure Policy
We encourage the reporting of potential security vulnerabilities through our dedicated channels. Our Vulnerability Disclosure Policy outlines the process for securely submitting reports and our commitment to resolving issues promptly.
Scope: This policy applies to all Kamado Joe products, services, and associated infrastructure, including mobile apps and web services.
Reporting: If you discover a security vulnerability, please report it via security@middlebyoutdoor.com Include the following details:
- Product/service affected
- Vulnerability description
- Steps to reproduce (if applicable)
Acknowledgment: We will confirm receipt of your report within 5 business days, providing a preliminary assessment within 30 business days.
Thank you for helping us maintain a secure environment.
Commitment to Security
Kamado Joe is dedicated to ongoing improvement and innovation in cybersecurity, ensuring our products are safe and secure for all users. We comply with all current and upcoming regulations and continuously assess our practices against the latest security standards.