Platform security

This document details the end-to-end security measures of the measurable.energy Platform including hardware, firmware and cloud software.

This document details the end-to-end security measures of the measurable.energy Platform including hardware, firmware and cloud software.

Each measurable.energy Power Socket contains hardware cryptography, which encrypts the data contained on the device meaning data is encrypted before it’s even transmitted outside of the device. Each measurable.energy Power Socket supports the latest IEEE 802.11x standard security features. Together, our approach ensures that data transmitted over the local Wi-Fi network and then over the public internet is completely encrypted.  

The measurable.energy Hub is secured via password protection and 2-factor authentication and can’t be accessed by anyone but measurable.energy employees. measurable.energy uses Cloudflare web infrastructure and website security services to protect all elements of the service. 

image-png-4.png_width=954&height=678&name=image-png-4

Cyber Essentials Plus 

The m.e Platform has passed the Cyber Essentials and Cyber Essentials Plus scheme. Full details of the certification process can be found here:

Cyber Essentials - Iasme  

cyberEssentials_PLUS.png_width=197&height=93&name=cyberEssentials_PLUS

Cyber Essentials Plus Certificate 

IASME IoT Cyber Assurance 

Screenshot 2023-08-17 163909.jpg_width=175&height=70&name=Screenshot 2023-08-17 163909

measurable.energy received the 2nd ever IASME ‘IoT Security Assured’ certification. The scheme is now rebranded Cyber Assurance and full details of the certification process can be found here:

https://iasme.co.uk/iasme-iot-cyber/

IASME IoT Cyber Assurance Level 1 Certificate

IASME IoT Cyber Assurance Level 2 Certificate

Summary of all measurable.energy security certifications.

ISO 27001

ISO_27001_Final-Logo.jpg_width=81&height=81&name=ISO_27001_Final-Logo

measurable.energy has successfully achieved the prestigious ISO 27001 Information Security certification.

ISO 27001 is a globally recognized international standard published by the International Organization for Standardization (ISO). It outlines the requirements for establishing a robust information security framework within an organization and is widely acknowledged as the gold standard for best practices worldwide. Obtaining this certification showcases our organization's unwavering commitment to continuously improving, developing, and safeguarding information, assets, and sensitive data through the implementation and maintenance of effective risk assessments, policies, and controls.

Hardware

  • Secure boot enabled.

    • Only measurable.energy firmware can be programmed to an m.e Power Socket.

  • Physical interface disabled.

    • The m.e Power Sockets have no terminal to access data physically.

  • Secure OTA system. 

    • measurable.energy over-the-air updates are sent using industry leading security techniques to ensure no man in the middle vulnerability. 

  • measurable.energy managed. 

    • measurable.energy will manage the socket hardware throughout your installation, no need to install critical security updates, we handle that for you. 

  • Data encrypted before transmission

    • Raw, readable data is never exposed at any part of the communication network. 

Connectivity

  • 2.4gHz Wi-Fi communications.

    • Uses your existing Wi-Fi network.

    • No third-party networks to manage. 

  • Secondary IoT secure Wi-Fi network deployment available. 

Cloud

  • AWS Cloud Secure.

    • Data processed and stored in GDPR-compliant territories only.

  • Encrypted Communication server.

    • Device-by-device encryption key pairs. 

  • Device are air gapped.

    • Comprising 1 device has no effect on others

Hub

  • Option to sign in with Google or Microsoft accounts.

    • Centralised security through existing company services.

  • Multi-factor-authentication enabled by default and enforced.

  • Full user management and controls.