Drone Security for Utilities

April 7, 2021

Utility organizations are some of the most vulnerable when it comes to disasters, both natural and manmade. With such a hefty amount of pressure to remain in continual operation and states’ heavy reliance on their energy grids, potentially catastrophic effects for entire communities can occur in the wake of a devastating weather event.

But just as important to consider is the possibility of a cyberattack or data breach, which can lead to the very same effects for dependent residents - plus theft of their identifying information. As the industry evolves with technology and experiences significant digital transformation and automation innovations, additional exposures arise when changing systems or updating processes. While the utility sector is traditional in nature, proactively embracing a culture of security and prioritizing safety will be essential to operating in the technology age.

At DroneDeploy, we take the security of our customers very seriously and invest heavily in the safety and defensibility of our platform. We’re committed to having a robust security program in place that puts the security and privacy of your data as our top priority and achieved numerous compliance certifications, as well as implemented best practices to exemplify this.

Below, we detail the complex security features built-in to the DroneDeploy platform and the authorizations we’ve received due to our commitment to protecting your data.


We’ve Got You Covered: Our Security Certifications

We’re proud to be certified by leading independent auditors from top regulatory bodies. Below are some of our key achievements:

  • SOC 2 Type 1: This American CPA standard certifies that the services we use meet security and availability requirements for U.S. markets. Read more on this here.
  • ISO 27001: As the internationally recognized standard for information security controls, we achieved this certification in 2019.
  • PCI/DSS: Our payment information is handled by Stripe and Chargify, which have been audited as PCI Level 1 compliant, the most stringent level of certification available in the payments industry.
  • EU/Swiss Privacy: DroneDeploy complies with both the EU-U.S. and Swiss-U.S. Privacy Shield Framework, as set forth by the U.S. Department of Commerce.
  • GDPR: We currently follow the General Data Protection & Regulation law guidelines.

DroneDeploy’s Commitment to Utilities Best Practices

When finding a platform in your digital transformation journey, it’s imperative to partner with solutions that are also security-savvy. DroneDeploy adheres to security best practices, such as:

  • Customer data encryption throughout its lifecycle (i.e. in-transit, at rest, in use), including secure disposal when no longer in use.
  • SAML Single Sign-On for authentication against multiple provider types, with additional access codes or security keys made possible through Google.
  • Activity audit trail logs available to download on-demand, detailing all primary actions within our functionality.
  • Internal design and privacy standards adherence through our Secure Development Lifecycle, with risk assessments held at every level of a project.

In the event of troubleshooting, these tools can be especially useful for identifying where the leak first occurred and who is responsible. With this information at your disposal, rest assured knowing that DroneDeploy frequently undergoes annual network and system-level penetration tests from third-party vendors, with documented issue resolution in place for vulnerabilities.

As a company, we value transparency (“build trust”) as a core principle, and are dedicated to sharing details about how we handle security at DroneDeploy. As one can see, we use a variety of industry-standard technologies and best practices to secure our customers’ data and will continue to lead by example to build security and privacy practices that are clear, repeatable, auditable, and vigorous. In fact, we’re trusted by some of the most prominent names in the business - like Bruin E&P Partners, Brasfield & Gorrie, and McCarthy Building. By proactively seeking out and utilizing these tools, utility organizations can further reduce their risk of cyberattacks, strengthening both their infrastructure and trust with customers. For a deeper dive into our security and compliance operations, view our support documentation.

If you’re interested in learning more about drone data in utilities, download our free eBook on optimizing emergency preparedness in the industry, or read our article on the benefits drone software provides to this sector.

About the Author

Getting started is simple. Request a demo today.