En-trak™ Energy - Data Security Brief


Overview

En-trak™ Energy is a Software-as-a-Service (SaaS) energy management solution available by subscription. Typically, your energy usage data is collected from meters by local gateway devices and then transmitted to our cloud-based system, which processes and stores the data for later viewing and reporting. If you already have a local energy management system in place, you can also upload batches of energy usage data to the En-trak Energy system. A web application provides viewing and reporting of your energy usage and can be used on any web-enabled device and in most web browsers.

Security Consideration

En-trak understands your energy data, like many other types of data, is by default private. As such, we are committed to taking all reasonable precautions to ensure this data is only available as intended by the customer. We care about security as much as you do. And we do it well.

En-trak automated tools monitor service performance for problems 24 hours a day, 7 days a week. Our production equipment is hosted securely in a Tier IV data center by Amazon Web Services, utilizing Elastic Compute Cloud (EC2), Simple Storage Service (S3), Elastic Block Storage (EBS), and other Amazon services. These services enable a solution which is stable, secure, and scalable. The service is complete with 24-7 advanced security measures including full-time security staff, video surveillance and alarms to prevent high-tech breaches.

En-trak also employs Amazon’s Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) to identify malicious activity and to initiate counter-actions. For example, En-trak server access is tightly controlled and only allows administrative tasks from a few specific IP addresses.

The infrastructure also has secure power supply and backup generators in case of a power cut, as well as complex smoke and flood detection and fire suppression systems and has been certified SOC1 under SSAE 16 & ISAE 3402 standards, ISO 27001, PCI DSS Level 1, and FISMA Moderate among many others.

En-trak Security Practices, Policies & Infrastructure

At En-trak, we consider the security of your information a primary responsibility. We take specific precautions to provide security while your data is in transit from your computer to our servers, as well as while it is being processed and stored in our data centers.

We understand that no single measure can effectively provide complete security, which is why we employ a multi-layer approach with multiple security measures in place to help protect your data at all times.

Your data is private and protected

Right from the start, we build privacy into everything we do. It's not just our corporate tagline. It's how we choose to treat and respect you, our customers on a daily basis. We impose and follow a strict set of guidelines and practices to protect all private information. We do not sell, rent or share your information with any third parties for their promotional use. 

We use advanced, industry-recognized security safeguards to keep all of your data private and protected. En-trak™ Energy and all our other platforms use certificates from an industry-recognized Secure Sockets Layer (SSL) Certificate Authority, together with password-protected login, firewall-protected servers and the same encryption technology (128-bit SSL) used by the world's top banks to give you peace of mind.

Physical Security

Our data centers are hosted by Amazon, in some of the most secure facilities available today, in locations that are protected from physical and logical attacks as well as from natural disasters such as earthquakes, fires and floods.

  • 7 x 24 x 365 Security. The data centers that host your data are guarded seven days a week, 24 hours a day, each and every day of the year by private security guards.
  • Video Monitoring. Each data center is monitored 7 x 24 x 365 with night vision cameras.
  • Controlled Entrance. Once in our data centers, your data is processed and stored on dedicated En-trak-only clusters where access is limited to a very small number of skilled technicians.
  • Biometric, Two-Factor Authentication. Two forms of authentication, including a biometric one, must be used together at the same time to enter the data center.
  • Undisclosed Locations. Our servers are located inside generic-looking, undisclosed locations that make them less likely to be a target of an attack.
  • Bullet-resistant Walls. Our servers are guarded safely inside bullet-resistant walls.

You control who gets to see the data

You control who accesses your data, and what they can see and do with it. Each person you invite to use En-trak Energy must create a unique password and no one can see it — not even us. There are multiple permission levels that let you limit the access privileges of different users. This means that your Singapore office cannot access the Hong Kong data, unless you authorize and make it so. And if that's not enough, you can also download a local copy of your data to your hard drive for an extra layer of comfort and control. 

En-trak Energy uses several types of encryption as an additional level of security. All sensitive user data and configurations are encrypted using the AES (Advanced Encryption Standard) algorithm. Data encryption protects data stored on cloud-based servers, as well as data in transit over the internet.

We also deploy various security properties including:

  • User Lockout
  • Maximal Invalid Password Attempts
  • Password Complexity (adhering to PCI standards)
  • Password Expiration
  • Password History Policy

Backup your data automatically

There is no need for you to plan for periodic manual backup. That's because we automatically do it for you. You get the convenience of automatic offsite storage without the extra effort and cost of creating and managing physical backup copies on your own. And should the unexpected ever happen to your system, all your data will still be instantly accessible to you from any computer connected to the internet. 

You will never lose any data, even when your network is down

You will never lose any data even when your network is down. This is because our energy meter has a built-in solid-state memory and data logger which is capable of holding up to one year of data even when the network is down. En-trak Energy has been available more than 99.8% of the time for the past three years. That's because we rely on redundant servers and a self-correcting error detection program. So even if one server becomes impacted or unavailable, your service will likely not be affected. This means that you can access your data online no matter where you are or what you are doing. 

Network Security

When an En-trak™ meter is installed, it is connected to the site's Local Area Network (LAN) via an Ethernet cable or wireless adapter/client. The installation process does not modify or tamper with any firewall products and/or settings that protect the LAN from unauthorized access from the Internet. Our En-trak™ energy meter simply operates as an independent server within your network, with minimal bandwidth use.

Our network security team and infrastructure help protect your data against the most sophisticated electronic attacks. The following is a subset of our network security practices. These are intentionally stated in a very general way, since even knowing what tactics we use is something hackers crave. If your organization requires further detail on our network security, please contact us.

  • Secure Communication. All data transmission to En-trak services is encrypted using the TLS 1.2 protocol, and we use certificates issued by a SHA-256-based CA, ensuring that our users have a secure connection from their browsers to our service. We use current, strong ciphers such as AES_CBC/AES_GCM with 256-bit/128-bit keys for encryption, SHA2 for message authentication and ECDHE_RSA as the key exchange mechanism.

  • IDS/IPS. Our network is gated and screened by highly powerful and certified Intrusion Detection / Intrusion Prevention Systems. 

  • Control and Audit. All accesses are controlled and also audited.  

  • Secured / Sliced Down OS. En-trak applications run inside a secured, sliced-down operating system engineered for security that minimizes vulnerabilities. 

  • Virus Scanning. Traffic coming into our servers is automatically scanned for harmful viruses using state of the art virus scanning protocols which are updated regularly.  

  • Throttling and Other Limits Mitigate Risk of DDOS: Online services are often at risk from “distributed denial of service” (DDOS) attempts. At Intuit, we use industry standard DDOS appliances to help detect, minimize and prevent potential service impact.

  • Regular Updates and Security Patching: We have quarterly/bi-yearly/yearly cycles to update software patches, including security patches for our hardware and software stacks. We listen to various security distributions from our vendors and identify proper actions to rapidly ensure security of En-trak users where applicable.

People Processes

Designing and running data center infrastructure requires not just technology, but a disciplined approach to processes. This includes policies about escalation, management, knowledge sharing and risk, as well as day-to-day operations. En-trak’s security team has years of experience in designing and operating data centers and continually improves our processes over time. En-trak has developed world-class practices for managing security and data protection risk.

  • Select Employees. Only employees with the highest clearance have access to our data center data. Employee access is logged and passwords are strictly regulated. We limit access to customer data to only a select few of these employees who need such access to provide support and troubleshooting on our customers' behalf.

  • Audits. Audits are regularly performed and the whole process is reviewed by management.

  • As-Needed Basis. Accessing data center information as well as customer data is done on an as-needed only basis, and only when approved by the customer (i.e. as part of a support incident), or by senior security management to provide support and maintenance.

Redundancy and Business Continuity

One of the fundamental philosophies of cloud computing is the acknowledgment and assumption that computer resources will at some point fail. We have designed our systems and infrastructure with that in mind.

  • Distributed Grid Architecture. En-trak services run on a distributed grid architecture. That means a server can fail without a noticeable impact on the system or our services. In fact, in any given week, multiple servers fail without our customers ever noticing it. The system has been designed knowing that servers will eventually fail, and we have implemented our infrastructure to account for that.

  • Power Redundancy. En-trak configures its servers for power redundancy – from power supply to power delivery.

  • Internet Redundancy. En-trak uses multiple Tier-1 ISPs, which means that if any one fails or experiences a delay, you can still reliably get to your applications and information.

  • Redundant Network Devices. En-trak runs on redundant network devices (switches, routers, security gateways) to avoid any single point of failure at any level on the internal network.

  • Redundant Cooling and Temperature. Intense computing resources generate a lot of heat, and thus need to be cooled to guarantee a smooth operation. Our servers are backed by N+2 redundant HVAC systems and temperature control systems.

  • Geo Mirroring. Customer data is mirrored in a separate geographic location for Disaster Recovery and Business Continuity purposes.

  • Fire Prevention. The En-trak data centers are guarded by industry-standard fire prevention and control systems.

  • Data Protection & Back-up. User data is backed up periodically across multiple servers, helping protect the data in the event of hardware failure or disaster.

Code Security

  • Release process tied with strong security metrics with stringent exit criteria: We log thousands of hours of security Code Reviews every year by our senior-most staff, principal and distinguished engineers for anti-patterns focusing on SQL injections; cross-site scripting; encryption usage; and correct usage of application APIs. A “Code Collaborator” tool is used to track the reviews and is integrated with our source-code control system for review audits.

  • We also use Static Code Analysis tools such as Coverity and Fortify to scan the code for the presence of any existing anti-patterns. Consider this coarse-grained protection to complement the fine-grained protections applied in Code Reviews.

  • Security Coding Standards & Industry Standard Practices followed in Business Logic; User Interface (JavaScript; CSS); Data/schema and Log: Authentication has built-in capabilities to resist DOS and brute-force attacks. To frustrate automated DOS attacks, we use CAPTCHA after a certain number of failed attempts. Secret and sensitive information is encrypted in storage and in transit. The most confidential data, such as credit card numbers, is tokenized away from storage. Auditing, logging and reporting are in compliance with industry standard security practices.

  • Test Cases: Our developers also are required to write Unit tests to assure that code behaves properly in the face of common forms of attack.

Independent/External Validation of Assets and Practices

Regular (Independent) Penetration Testing: In addition to our industry standard practices and stringent processes to further mitigate the risk of exposing vulnerability, we follow a daily/monthly/yearly regime of security tests.

  • Daily: Static Automated Analysis with Tools.

  • Monthly: Trustwave PCI Compliance scans

  • Yearly: Negative Penetration Tests by external independent security experts. Here we assume everything is suspect and simulate BOT attacks to test whether our Firewall, Web and App servers hold against the most stringent denial of service and other malicious attacks. We have strategic partnerships with some of the most revered names in the security practices domain, and we regularly bring those experts in-house to audit and attempt to break our code. Some of the series of tests we perform against ourselves include the following:

    o    Denial of Service attack using a large number of attackers trying to overwhelm servers, or to use large payloads to break our application.

    o    Privilege escalation attack to try and access additional data without appropriate credentials.

    o    Mass mining for Information attack to try to get sensitive data, with or without valid credentials.

    o    CSRF (Cross-Site Request Forgery) Attack to try to hijack a user session and force the browser to send requests to malicious sites.

    o    Cross Site Scripting attacks to reflect attacker’s content back to the user to execute and pass on sensitive information to attacker.

    o    SQL Injection attacks to inject SQL in the application with malicious intent.

    o    Cookie Management

    o    Try to break Weak Passwords

    o    Packet Sniffing Attacks to intercept sensitive or private information in flight, for example.

     

Accommodating the existing network setup

In order to allow the En-trak™ meter to consistently export real-time data to our secure web servers for web-based, password-protected viewing, it needs to connect to the local area network (LAN) of your company or organization. Usually this is done with either a standard Ethernet cable or, should network vendor settings allow, a wireless adapter/client.

As part of your network, the En-trak™ meter must of course adhere to your standard network setup conditions. The En-trak™ meter allows for flexibility in this regard, accepting either dynamic IP addresses (DHCP) or static (private) IP addresses to be set by the network administrator and changeable at any time.

Incoming Connections

The En-trak™ meter listens for incoming connections for the following services:

  • Web service (TCP port 80): This provides the admin interface for En-trak™ personnel to manage the En-trak™ meter. This is necessary for system maintenance, support, and consistent data access. If desired, this port could be exposed to the Internet through a suitable firewall rule (e.g., a rule which forwards accesses to port 8080 to the En-trak meter at port 80).

  • SSH service (TCP and UDP port 22): The secure-shell (SSH) service is used for factory-maintenance and -servicing only and is protected by a unique password that is known only to the manufacturer. This port is never exposed to the Internet.

Outgoing Connections

En-trak™ meters maintain two outgoing connections, as described below:

Proxy-server connection

When an En-trak™ meter is powered up, it connects to port 8082 of the off-site En-trak server. This connection then makes it possible to access the device from any point on the Internet (with the proper authentication). In essence, the proxy-server connection is a bridge to the web service running on the En-trak meter.

Time-server connection

The En-trak™ meter also maintains a connection to the time server at asia.pool.ntp.org. This connection is used to automatically maintain the proper time on the device. If the meter is unable to connect to this service, it will still work properly. The only downside is that the date and time may need to be adjusted manually from time to time by the En-trak™ support team. The time server hostname may also be specified if required.
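
A site administrator can turn the incoming and outgoing connection lists above into a check on firewall or flow logs for the meter. The following is an added example, not En-trak code: the flow-record fields, the server address 203.0.113.10 (a placeholder, since this brief gives none), UDP port 123 for the time server and the RFC 1918 LAN ranges are all assumptions.

```python
import ipaddress

# Profile from the brief's connection lists; DNS and DHCP are not modelled.
INBOUND = {("tcp", 80): "admin web service",
           ("tcp", 22): "factory SSH", ("udp", 22): "factory SSH"}
PROXY_PORT = 8082   # outgoing proxy-server connection
NTP_PORT = 123      # assumption: standard NTP port; the brief names only the host
# Placeholder address: the brief does not give the En-trak server's address.
ENTRAK_SERVERS = {ipaddress.ip_address("203.0.113.10")}
LAN_NETS = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_lan(addr):
    """True when the peer is inside the RFC 1918 ranges assumed for the LAN."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LAN_NETS)


def audit(flow):
    """Return (verdict, reason) for one flow: direction, proto, peer, port."""
    proto, port, peer = flow["proto"].lower(), int(flow["port"]), flow["peer"]
    if flow["direction"] == "in":
        service = INBOUND.get((proto, port))
        if service is None:
            return "violation", f"undocumented listener {proto}/{port}"
        if is_lan(peer):
            return "ok", f"{service} from LAN"
        if port == 22:  # the brief says SSH is never exposed to the Internet
            return "violation", "SSH reached from outside the LAN"
        return "review", "admin web service reachable from outside the LAN"
    if proto == "tcp" and port == PROXY_PORT:
        if ipaddress.ip_address(peer) in ENTRAK_SERVERS:
            return "ok", "proxy-server connection"
        return "violation", "port 8082 to a server not on the allowlist"
    if proto == "udp" and port == NTP_PORT:
        return "ok", "time-server connection"  # pool addresses rotate; match by port
    return "violation", f"undocumented outbound {proto}/{port}"

# Constructed sample flows (not captured from a real meter).
SAMPLE_FLOWS = [
    {"direction": "out", "proto": "tcp", "peer": "203.0.113.10", "port": 8082},
    {"direction": "out", "proto": "udp", "peer": "198.51.100.7", "port": 123},
    {"direction": "in", "proto": "tcp", "peer": "192.168.1.20", "port": 80},
    {"direction": "in", "proto": "tcp", "peer": "198.51.100.99", "port": 22},
    {"direction": "in", "proto": "tcp", "peer": "198.51.100.99", "port": 80},
    {"direction": "out", "proto": "tcp", "peer": "198.51.100.50", "port": 443},
]


def findings(flows):
    """Return (peer, port, verdict, reason) for every flow that is not 'ok'."""
    results = [(f["peer"], f["port"], *audit(f)) for f in flows]
    return [r for r in results if r[2] != "ok"]
```

Calling `findings(SAMPLE_FLOWS)` returns the three constructed flows that fall outside the documented profile; the "review" verdict marks the optional Internet exposure of port 80 that the brief describes.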

System Connection Diagram