Data security information for Emoncms.org

Hi, I am in the process of installing a EmonPi at a customer (commercial client) so I can follow up his power usage remote.
He has some questions about the data security. I have looked around on this forum and this is the information I was able to find:

  • The AES encryption protocol is used to encrypt the transmission to Emoncms, using a shared secret key (SHA256 hash) to connect to the server.
  • The data array is encrypted using the AES_128_CBC algorithm, an apikey and a random initialization vector.
  • read/write key associated with the username is used to decode the data array.

can someone confirm it this information is still valid?

Also the data on the Emoncms.org platform itself, is there some information on where the data is hosted? Cloud AWS, dedicated datacenter, … ? And are there any certificates available (ISO27001?).

Thank you for the information!

I think @TrystanLea is the person to answer this.

Hello @PieterB, sorry for the delay!

The EmonPi uses HTTPS when sending data to emoncms.org. The AES encryption option is another option available for devices without full HTTPS capability.

Emoncms.org itself is hosted on dedicated servers with a reputable hosting company based in the UK.
There a bit more information on our privacy page here: Emoncms - site privacy. We do not currently have ISO27001 certification.

Hope that helps