Security

Specific Energy's mission is to transform operations data into meaningful insights, allowing our users to focus on the task at hand and trust data management to us. We are in relentless pursuit of security and strive to be on the leading edge of security standards for industrial automation.

Specific Energy products are designed with security and data privacy at the center of everything we do. We hold ourselves to the highest security standards. Our world-class security program is focused on securing our organization and your organization's data through multiple layers of protection.

Security in Depth Highlights:
  • TLS 1.3 protocol, AES-256 encryption
  • Two-factor authentication required
  • Daily patches deployed automatically to edge devices
  • Data backed up on secure, redundant servers
  • Linux Ubuntu Core IoT platform

Security at the HMI:

Security at the Client Side

  • Two-factor authentication required: in addition to a password, users log in with a 6-digit token that expires every 30 seconds
  • Role-based account permission settings, configured by the account administrator, enable read-only and restricted write access
  • Passwords are NEVER stored; they are converted to salted Argon2id hashes
  • Access and event logs can be viewed from the client interface

Encrypted Communication — all communication between the client interface and Specific Energy uses TLS 1.3 encryption

Automatic Security Updates — by default, security updates are automatically deployed to the client interface.

Security in the Cloud:

Physical Security and Reliability

  • Servers stored in a HIPAA-certified facility
  • Multi-factor biometric authentication
  • Redundant internet service provider connections
  • On-site back-up power

Redundant Backups

  • Data is backed up between multiple cloud servers with RAID solid state drives

Automatic Security Updates

  • Security updates are automatically applied daily

Security at the Edge:
  • No Incoming Connections — Tagger has no open ports and does not respond to incoming connections or pings, making it indistinguishable from an unused IP address
  • Encrypted Communications — all communications between the Tagger device and Specific Energy's servers are encrypted with TLS 1.3 using AES-256
  • Automatic Security Updates — Tagger is built on Ubuntu Core, an IoT operating system by Canonical that allows for automatic, transactional updates on a daily basis. For more info: https://ubuntu.com/core
  • Strict firewalls on all devices
  • Devices protected with RSA-2048 public/private keys

Defense and Monitoring:
  • Strict firewalls are installed on all devices and servers
  • We follow the NIST Cybersecurity Framework
  • Data access is logged and monitored
  • We perform regular security audits

Security Recommendations for End-Users:

Specific Energy works 24/7 to ensure the security and protection of our users' systems and data. We are obsessed with security. The following is a list of basic recommendations we make to our end users to keep their networks secure:

  • Install firewalls on all network entry points
  • Implement network segmentation
  • Patch all operating systems and browsers, and update to the latest versions
  • Do not share passwords or account logins
  • Always require two-factor authentication
  • Install anti-malware and spam protection
  • Provide security awareness training to employees and staff
  • Collect and review logs and audit network usage

To see more recommendations, please read our blog post: Oldsmar Breach Highlights Cybersecurity Weaknesses