In a world that’s increasingly digital, ensuring your data and privacy are secure is more important than ever. At Ostrom, we take this responsibility seriously. While the energy industry is transforming with smart technologies, the need for robust cybersecurity has grown significantly. Our commitment to your safety goes beyond providing clean energy — it extends to protecting your information at every step.

A Culture of Continuous Improvement in Security

At Ostrom, we believe that security is an ongoing process, not a one-time solution. In light of the growing number of cyber threats, we continuously enhance our security measures to stay ahead. From securing our internal systems to safeguarding the way we interact with our customers, our approach is rooted in best practices and proactive strategies.

1. Empowering Our Team with Security Training

Security starts with our people. Every Ostrom team member undergoes regular training to stay informed about the latest cybersecurity threats and how to counteract them.
‍

• Anti-Phishing Guidelines: This includes workshops and guides on safe online behavior, ensuring that our team is always one step ahead of potential threats. Always check the sender domains. Always double-verify if something does not seem right.
• Password Manager & Unique Passwords: Every employee uses a password manager, which means no sensitive credentials are stored on sticky notes or written down in places where they could be easily accessed.

2. Enforcing Strong Technological Safeguards

We’ve implemented a range of technological measures to secure our systems:
‍

• Laptop Encryption & VPN: All company laptops are encrypted to protect data in case of theft or loss. Additionally, we require all employees to use a Virtual Private Network (VPN) with the Wireguard protocol, ensuring secure remote access.
• Two-Factor Authentication (2FA): We enforce 2FA across all our applications, from our email systems to our cloud infrastructure. This adds an extra layer of protection, ensuring that even if a password is compromised, unauthorized access is prevented.
• Access Control Policies: We follow strict access control measures, ensuring that only authorized personnel can access sensitive data. Our systems are configured to limit access based on role, which helps protect against internal and external threats.

3. Building Secure Software & Infrastructure

Our tech team takes a rigorous approach to secure development:
‍

• Code Reviews and Automated Testing: Before any code goes live, it undergoes multiple layers of review, including static analysis via SonarCloud and automated vulnerability scanning using Snyk. This ensures that potential weaknesses are identified and addressed early in the development process.
• Vulnerability Disclosure Program: We collaborate with external security researchers through platforms like BugCrowd. By inviting ethical hackers to report vulnerabilities, we can quickly identify and fix potential issues, making our systems even more resilient.

4. Securing Our Customer Experience

We know that your experience with Ostrom isn’t just about affordable green energy — it’s also about trust. Here’s how we keep your interactions secure:
‍

• App Identification & Biometric Authentication: Our Ostrom app uses tools like Touch ID and Face ID to streamline your login process while keeping it secure. This minimizes the need to enter passwords frequently, reducing the risk of exposure.
• Real-Time Monitoring & Rate Limiting: Our systems monitor user activity to detect unusual behavior. For example, after several failed login attempts, an account is temporarily locked to prevent brute-force attacks. Additionally, our API has rate limits in place to protect against automated attacks.
• GDPR Compliance and Training: We’re fully compliant with the General Data Protection Regulation. This means we handle your data responsibly, ensuring it’s processed securely and only for the purposes you’ve consented to. We also use a 3rd party provider to provide onboarding, training, audits and refreshers to the team to keep up compliance.

Transparency & Customer Trust

At Ostrom, transparency is one of our core values. We believe you have the right to know how your data is being used and protected. We’re committed to being open about our security measures, so you can feel confident when you choose Ostrom as your energy partner.
‍

If you ever have questions about your data privacy or would like to learn more about our security practices, our customer support team is available to assist you. You can also find detailed information in our Help Center.

Looking Ahead: The Future of Security at Ostrom

We’re proud of the security measures we’ve put in place, but we’re not stopping here. The digital landscape is constantly evolving, and so are the threats that come with it. That’s why we’re committed to continuous improvement. Whether it’s adopting new technologies or enhancing our existing protocols, our goal is to stay ahead of potential risks and provide you with the safest experience possible.
‍

At Ostrom, we’re more than just a green energy provider — we’re your trusted partner in a secure, sustainable future. 🌍🔒
‍

Stay safe, stay green, and stay with Ostrom!
‍

#Ostrom #DataSecurity #EnergyJustBetter #GreenEnergy