We take the responsibility of helping you manage your customer data seriously. That’s why security and privacy are key focus areas for our organization and product development.
Some organizations “check the box” by saying their databases are encrypted at rest by enabling that feature in AWS. We enable encryption at rest as well. We go one step further by encrypting all PII (Personally Identifiable Information) within our databases using native PostgreSQL pgcrypto PGP encryption at the column level. This ensures that even if you were able to access our database, all of the sensitive PII data is encrypted beyond simply “at rest.” This creates a burden for some of our teams, but we accept this burden because it’s the right thing to do to secure PII.
Enervee encrypts data at rest and in transit for all of our customers. We use tools like Amazon Web Service’s Key Management System (KMS) and Hashicorp Vault to manage encryption keys using hardware security modules for maximum security in line with industry best practices.
Enervee regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the running application and the deployed environment.
Enervee also uses high-quality static analysis tooling provided by GitLab such as Static Application Security Testing (SAST), to secure our product at every step of the development process.
Enervee uses Amazon Web Services to host our application. We make full use of the security products embedded within the AWS ecosystem, including KMS, GuardDuty, and Inspector.
In addition, we deploy our application using pods that run on AWS managed node groups and Fargate nodes in our k8s (Kubernetes) cluster, meaning we typically do not manage servers or EC2 instances in production.
The largest utilities in the United States rely on Enervee to protect the data of millions of their customers. Securing that PII is always our top priority.
CCPA
Get started to schedule a demo, join our newsletter, or chat with us.
