Security and Privacy at PlotWatt
Posted by Luke Fishback
At PlotWatt, we take the security and privacy of our customer information seriously. We aggressively protect the integrity of our data with:
Extremely Secure and Safe Hardware
PlotWatt installs an on-premise smart meter device called an eGauge, which uses sensors (or current transformers) to directly measure current on a small number of circuits at the location. The eGauge uses network access to send outgoing communication only. Most PlotWatt installations run on a local DHCP network. For heightened security, the eGauge’s network access can be restricted to three outgoing ports: 80, 123, and 443, which completely wall it off to sensitive network data streams, or it can be run entirely on a cell network. The eGauge cannot access any sensitive store data – point-of-sale data, credit card information, or anything else.
Limited Data Collection
PlotWatt gathers electricity data on the major electrical appliances in the store, as well as the make and model of the appliances. We will require access to the electrical panels to perform a simple hardware installation. PlotWatt’s product relies on email communication and occasional phone calls to managers and owners. We record basic contact information – store location address, manager and owner names, emails and phone numbers – to support these communications. Credit card payments are handled by a secure third party vendor; we don’t receive or archive credit card information internally. Customer data is encrypted and logically isolated so there is no crossover risk of one customer’s data to another customer account.
Secure Cloud Infrastructure
We entrust our own sensitive algorithms as well as our customer data to the top-of- the-line Amazon Web Services platform, which conforms to the highest standards of cloud-based infrastructure security.
Strict Access Controls
Access to customer data as well as PlotWatt’s algorithms is tightly controlled internally at PlotWatt to a limited number of employees. All PlotWatt system logins are SSL encrypted.
No IT Time Required
No time is required by internal IT staff to install or manage the PlotWatt system (unless a customer decides to restrict network access beyond DHCP).