Data Security

Last updated: January 10, 2023

Data Security Principles

Verdigris understands your energy data, like all your data, may contain sensitive information about your company. We ensure enterprise-grade protection of data by utilizing modern encryption standards. We enforce data protection based on these guiding principles:

  • Your energy data belongs to you: Verdigris is a custodian of your energy data and preserves access to it exclusively for you the customer.
  • Your customer account is secured for viewing and retrieving data. When sharing data into our learning engine, we anonymize all identifying data.
  • We never share your data without your consent, and access is restricted only to full-time Verdigris employees who need it.

Our Hardware

Deploying into your building allows us to get better insight into your operations and provide better solutions to your staff. Our installations are minimally intrusive by design, to both your electrical panels and your IT network.

  • Verdigris utilizes its own managed data connections and stays off your servers. This means you maintain control over all the devices on your network, and we only interface with your network security if you want us to.
  • Our tech stack is built on open source principles. Mind if we throw a few acronyms at you? AWS hosting, openssl login keys, TLS and HTTPS protocol, SHA-2 512-bit certificates, and 1024-bit SSH-2 RSA keys with physical key backup. (whew!)

Applications and Web Access

One of our favorite things about Verdigris is the ability to access and analyze your energy data from anywhere, 24/7. This data is powerful, and with great power comes great responsibility.

  • Building data is restricted to user accounts that you authorize.
  • Access via token-based authentication or Google OAuth.
  • Secure (but manageable) password policies, with bcrypt protection.
  • Source code stored in Github repositories

The Power of Verizon

Verdigris utilizes Verizon 4G/LTE service to transmit data from your building to our servers. As a preferred partner of Verizon, we can bring their entire suite of enterprise-grade security to your facility:

  • The Verizon Private Network allows you to segregate enterprise traffic from public network elements using dedicated gateways.
  • For particularly secure installations, the Verizon Machine to Machine (“M2M”) Management Center enables a complete solution to enterprise security, including two architecturally distinct private network solutions.
  • Verizon’s Managed Certificate Services make it a leader in ensuring security for the Internet of Things and M2M communication.

Incident Reporting

<<<<<<< HEAD

We listen to feedback. Report any security related incidents to infosec@verdigris.co.

=======

We listen to feedback. Report any security related incidents to: infosec@verdigris.co.

>>>>>>> 2a8597d54f63655317d21f5de90e91dcba493b45