Security @ DE
At Digitised Energy (DE), our clients trust us to collect, organise, and analyse huge amounts of data. We collect 50+ billion data points every day and work at a petabyte scale. Much of this data is proprietary to individual clients. Managing this volume and velocity of data involves some serious security engineering from DE. Here are some of the things we do to ensure our codebase is protected and our clients have tighter control over their data.
By default our servers and all databases follow a globally redundant architecture; meaning they are distributed across datacenters in North America, Europe, and Asia. This default option comes with an SLA of 99.95% application availability and 100% data availability (i.e. zero data loss).
We understand some clients want to be only in specific locations/jurisdictions. Here's what's possible.
Depending on your legal requirements, your databases can be located in one or more of the following countries. USA, Canada, South America, UK, Ireland, Switzerland, France, Germany, Netherlands, Belgium, Finland, Israel, Hong Kong, Singapore, Japan, Indonesia, and Australia. Reach out to us if you do not see a country you'd like to be in.
Customised infrastructure options carry an SLA of 99.5% application availability and 99.999% data availability (i.e. a 0.001% chance of data loss).
Historically (2021, 2022, 2023 to date) we have maintained 99.99% application availability and zero data loss.
BYODB (Bring Your Own Database).
We create and manage databases on behalf of clients. However you can create your own database and give us access to it. Reach out to us to better understand the database specifications we work with.
Access Controls - DNS Level.
You can set your DE SaaS instance to be accessible from around the globe. This is the default option.
You can set your DE SaaS instance to be accessible only from a few countries. This means only employees from those countries can login to your application.
You can set your DE SaaS instance to be accessible from certain IP's or IP ranges. For example you can limit access to only your office IP's.
Access Controls - Application Level.
Identity and Access Management (IAM) - a special module where you can manage your teams access to your DE instance.
Use DE's login management solution or your own OAuth, Azure Active Directory, etc.
MFA / 2FA available on client request.
Admin Access - User has read/write access to all sites, modules and sub-modules.
Manager Access - User has read and/or write access to specific sites, modules and sub-modules, as determined by Admin.
Audit Trails. Every user action is logged for audit trail purposes.
By default all data we collect is encrypted in transit and at rest.
SSL/TLS encryption mode is 'Full' (end-to-end).
All passwords are bcrypted.
DE codebase is continuously screened for the following.
XSS (Cross Site Scripting).
Server-Side Request Forgery.
Security misconfig checks.
CICD code integrity checks.
SQL injection vulnerabilities.
API key rotation and expiry checks.
NPM Package Integrity checks.
DDOS protection at DNS level.
Rate limiting at Application level.
DeviceCheck (for iOS Apps).
Play Integrity Checks (for Android Apps).
We have had zero vulnerabilities till date (early 2021).
Contact Information. [email protected].
© Digitised Renewables Energy Tech Private Limited, Bengaluru, INDIA.