EC.DATA — Energy Intelligence Platform

Segurança e Conformidade

Postura de segurança alinhada com SOC 2 e ISO 27001, com criptografia completa e isolamento estrito entre clientes.

Security — How EC.DATA Protects Your Data

EC.DATA safeguards your energy data with enterprise-grade security: encryption at rest and in transit, role-based access control, and secure cloud infrastructure on Microsoft Azure.

Security Measures

  • AES-256 encryption at rest and TLS 1.3 encryption in transit
  • Role-based access control (RBAC) with granular permissions
  • SOC 2 Type II compliance and regular third-party penetration testing
  • Microsoft Azure cloud infrastructure with geo-redundant backups
  • GDPR and CCPA compliant data handling and retention policies
  • Secure API authentication with OAuth 2.0 and API key management
  • Automated vulnerability scanning and patch management

Frequently Asked Questions

Where is my data stored?
All data is stored in Microsoft Azure data centers. Our primary infrastructure runs on Azure's enterprise-grade cloud with regional failover and SOC 2-aligned controls.
Who can access my organization's data?
Only authenticated users within your organization with appropriate role-based permissions can access your data. Tenant boundaries are enforced at the database level.
How do I request data deletion?
You can submit a data deletion request through our Data Subject Request portal. We process all requests within 30 days as required by GDPR and similar regulations.
Is my IoT device data encrypted?
Yes. Data is encrypted from the moment it leaves your IoT device. MQTT messages are transmitted over TLS 1.3, and stored data is encrypted at rest using AES-256.
How does EC.DATA handle multi-tenant data isolation?
Each organization's data is logically isolated at the database level with strict tenant boundaries enforced by row-level security and application-layer guards.
What happens if there's a security incident?
We have a documented incident response plan. Microsoft Defender provides real-time threat detection, and customers are notified of any incident affecting their data within the timelines required by applicable regulations.
Does EC.DATA support single sign-on (SSO)?
Yes. EC.DATA integrates with Microsoft Entra ID (Azure AD) for enterprise SSO, supporting SAML 2.0 and OIDC for any compatible identity provider.
How often is your security reviewed?
We conduct regular security assessments, including automated vulnerability scanning via Microsoft Defender, periodic penetration testing, and continuous code analysis.