Security at EnergyMonitor
We take the security of your data seriously. Learn about the measures we take to protect your environmental monitoring data.
Security Features
Multiple layers of protection for your data
Encryption
- TLS 1.3 for all data in transit
- AES-256 encryption for sensitive data at rest
- Secure password hashing with Argon2
- HTTPS enforced across all endpoints
Infrastructure
- EU-based data centers (Hetzner, Germany/Finland)
- Regular security patches and updates
- Isolated network architecture
- DDoS protection and WAF
Access Control
- Role-based access control (RBAC)
- Session management with secure tokens
- API key authentication for integrations
- Multi-organization support with isolation
Monitoring
- 24/7 system monitoring
- Intrusion detection systems
- Audit logging for all actions
- Anomaly detection and alerting
Compliance
Meeting industry standards and regulations
GDPR
Full compliance with EU data protection regulations
SOC 2
Security controls audit
ISO 27001
Information security management
Security Practices
Ongoing measures to maintain security
Regular penetration testing by third-party security firms
Secure development lifecycle with code reviews
Employee security training and awareness programs
Incident response plan with defined procedures
Regular backup testing and disaster recovery drills
Vendor security assessments for third-party services
Report a Vulnerability
If you discover a security vulnerability, please report it responsibly. We appreciate your help in keeping our platform secure.
Please do not publicly disclose vulnerabilities until we have had a chance to address them.