Security
Ensuring the security of our energy monitoring platform is paramount to safeguarding sensitive data and maintaining the integrity of our users' systems. This documentation provides an overview of the key security features implemented within our platform to protect against potential threats and vulnerabilities.
User Authentication
Our platform employs robust user authentication mechanisms, including password-based authentication, multi-factor authentication (MFA), and single sign-on (SSO) options, to verify the identity of users before granting access to sensitive data.
Role-Based Access Control (RBAC)
Role-based access control allows administrators to define roles and permissions for users based on their responsibilities within the organization. This ensures that individuals only have access to the resources and features necessary for their respective roles, minimizing the risk of unauthorized access.
Data Encryption
All data transmitted between the user's device and our servers is encrypted using industry-standard encryption protocols (such as SSL/TLS), ensuring that data remains confidential and protected from interception by unauthorized parties.
Secure Data Storage
We employ secure data storage practices, including regular data backups, to safeguard data stored within our platform's databases and servers. This ensures data availability in the event of a system failure or disaster.
Security Monitoring and Logging
Our platform continuously monitors for suspicious activities and security incidents, with comprehensive logging capabilities to track user actions, system events, and potential security threats. This allows our security team to promptly detect and respond to security incidents, mitigating potential risks to the platform and its users.
Regular Security Audits and Assessments:
We conduct regular security audits, assessments, and penetration testing to identify and address potential vulnerabilities within our platform. By proactively assessing the security posture of our system, we can implement necessary controls and measures to strengthen our defenses against emerging threats.
Vulnerability Disclosure Policy
See Vulnerability Disclosure Policy.
Datacentres
Each of datacenters we use features:
Certification
- Certified in accordance with DIN ISO/IEC 27001
- Internationally recognized standard for information security
Security
- Video-monitored high-security perimeter fencing around the entire data center park
- Entry via electronic access control terminals with a transponder key or admission card
Fire protection
- Modern early warning fire system; covers all data center park facilities and includes an automatic fire alarm system that uses aspirating smoke detectors
- Direct connection of the data center's fire alarm system to the local fire and rescue coordination center; includes fault monitoring
Climate control
- Energy efficient direct free cooling N+2 redundancy
- Monitoring of air temperature and server/distribution cabinets
Power supply
- Redundant UPS facilities
- Standby power system
DDoS Protection
- Latest hardware appliances (Arbor, Juniper)
- Automated recognition of attack patterns
- Filtering traffic for known attack patterns
Conclusion
Our energy monitoring platform is equipped with robust security features designed to protect against potential threats and vulnerabilities, safeguarding sensitive data and ensuring the integrity and availability of our users' systems. By implementing stringent security measures and adhering to industry best practices, we strive to provide our users with a secure and reliable platform for monitoring and managing their energy consumption.