Security at every layer
From device provisioning to cloud storage, EdgeConductor is built with enterprise-grade security controls — encryption, isolation, audit logs, and compliance readiness baked in from day one.
Authentication & Identity
Unique key per device assigned at provisioning time. Keys are hashed — never stored in plaintext.
All API calls require a scoped Bearer token. Tokens are org-scoped — one org cannot access another's data.
Three roles: admin, org_admin, customer. Each role has a fixed permission set enforced server-side.
Keys can be revoked and rotated from the dashboard at any time. Old keys are immediately invalidated.
Minimum 8-character passwords enforced at signup. Passwords are hashed with bcrypt — never stored in plaintext.
Two-factor authentication via Google Authenticator or Authy. Coming soon — will be required for org_admin and admin roles.
Encryption
All REST API traffic uses HTTPS/TLS 1.3. Older TLS versions rejected.
CloudAMQP broker enforces TLS 1.2/1.3 on port 8883. Plaintext MQTT connections rejected.
All data stored in Supabase/PostgreSQL with AES-256 at-rest encryption managed by the cloud provider.
API keys, MQTT credentials, and service keys stored as environment variables — never in code or logs.
Access Control
Every database query is scoped to org_id. One tenant can never query, read, or modify another tenant's data.
Supabase RLS policies enforce org isolation at the database level — even if application logic is bypassed.
Every rule fire, OTA push, config change, and device offline event is logged with timestamp and actor. Available in Business tier.
Audit log entries cannot be modified or deleted — append-only for compliance requirements.
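What database-level org isolation and an append-only audit log can look like in Supabase/PostgreSQL, as an added example rather than EdgeConductor's actual schema or policies. The `devices` and `audit_log` tables, their columns, the helper functions, and the `org_id` claim under `app_metadata` in the JWT are assumptions; `auth.jwt()` and the `authenticated`/`anon` roles are Supabase's own.

```sql
-- Hypothetical schema: table and column names are assumptions for illustration.
CREATE TABLE devices (
  id      uuid PRIMARY KEY DEFAULT gen_random_uuid(),
  org_id  uuid NOT NULL,
  serial  text NOT NULL UNIQUE
);
CREATE TABLE audit_log (
  id         bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
  org_id     uuid NOT NULL,
  actor      text NOT NULL,
  event      text NOT NULL,
  created_at timestamptz NOT NULL DEFAULT now()
);

-- Caller's org, read from the verified JWT (assumed claim location).
-- app_metadata is server-controlled; user_metadata is user-editable and must
-- not drive authorization. A missing claim yields NULL, so no row matches.
CREATE FUNCTION current_org_id() RETURNS uuid LANGUAGE sql STABLE
AS $$ SELECT (auth.jwt() -> 'app_metadata' ->> 'org_id')::uuid $$;

-- Tenant isolation: rows are readable and writable only inside the caller's org.
ALTER TABLE devices ENABLE ROW LEVEL SECURITY;
ALTER TABLE devices FORCE ROW LEVEL SECURITY;  -- also applies to the table owner
CREATE POLICY devices_org_isolation ON devices
  FOR ALL TO authenticated
  USING      (org_id = current_org_id())
  WITH CHECK (org_id = current_org_id());

-- Audit log: client roles may read their own org's entries and nothing else.
-- Writes are assumed to come from a backend role.
ALTER TABLE audit_log ENABLE ROW LEVEL SECURITY;
CREATE POLICY audit_read ON audit_log
  FOR SELECT TO authenticated USING (org_id = current_org_id());
REVOKE INSERT, UPDATE, DELETE, TRUNCATE ON audit_log FROM authenticated, anon;

-- Append-only for every role, including ones that bypass RLS.
CREATE FUNCTION audit_log_immutable() RETURNS trigger
LANGUAGE plpgsql AS $$
BEGIN RAISE EXCEPTION 'audit_log is append-only'; END $$;
CREATE TRIGGER audit_log_no_mutation
  BEFORE UPDATE OR DELETE ON audit_log
  FOR EACH ROW EXECUTE FUNCTION audit_log_immutable();
```

Supabase's `service_role` key bypasses RLS, so the policies protect only requests made with user JWTs; the trigger still fires for that role.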
Device Security
Each device gets a unique serial and secret at registration. Secrets are never transmitted after initial provisioning.
OTA firmware updates are delivered over TLS. Firmware version is verified before flashing. Rollback on failure.
Commands reach devices via the shadow desired state — no direct command channel that could be spoofed.
Device credentials are assigned at factory time. No internet required during manufacturing.
Compliance Readiness
We build toward the compliance standards our customers need — healthcare, manufacturing, smart buildings, and government.
Data residency in EU-hosted infrastructure available. User data deletion on request. No data sold to third parties.
Relevant for healthcare deployments (hospital environment monitoring). BAA available on Enterprise tier. Audit logs + access controls already in place.
SOC 2 Type II audit planned for Q4 2026. Controls for availability, confidentiality, and security are already implemented.
Information security management framework alignment in progress. Relevant for enterprise and government deployments.
Responsible Disclosure
Found a security vulnerability? We take all reports seriously. Email us directly — we respond within 48 hours and will credit you in our security changelog.
edgeconductor@gmail.com
Enterprise Security Review
Need a security questionnaire filled out, penetration test results, or a dedicated security review before deployment? Talk to us.