
Security Overview

MachineMetrics is built for enterprise manufacturers in regulated industries including Aerospace, Defense, and MedTech. Our platform delivers secure, reliable, and auditable functionality designed to meet the operational and compliance needs of enterprise IT and compliance professionals.


Platform Security Summary

| Area | Standard |
|---|---|
| Certification | ISO 27001 |
| Infrastructure | AWS (Standard) / AWS GovCloud (Government) |
| Encryption | AES-256 at rest, TLS 1.2+ in transit |
| Uptime SLA | 99.9% |
| Authentication | SSO (OIDC), MFA |
| Compliance | CMMC Level 2, ITAR, 21 CFR Part 11 |

ISO 27001 Certification

MachineMetrics is ISO 27001 certified, demonstrating our commitment to information security management. This certification includes:

  • Annual third-party penetration testing
  • Continuous internal security audits
  • Formal Information Security Management System (ISMS)
  • Controlled access to sensitive data
  • Threat modeling and mitigation procedures
  • Secure development lifecycle (SDLC) practices

Compliance Frameworks

CMMC & ITAR (Defense)

MachineMetrics supports deployment in AWS GovCloud for defense contractors and government agencies:

  • Aligned with CMMC Level 2 requirements
  • Designed for ITAR compliance
  • Isolated infrastructure with enhanced access controls
  • Validated environments for labor tracking and digital signatures

21 CFR Part 11 (FDA/MedTech)

For FDA-regulated environments, MachineMetrics supports electronic records and signatures requirements:

  • Dual authentication with SSO and secure PIN verification
  • Audit logging of all data interactions (timestamp, user ID, event intent)
  • Role-based access controls with read-only restrictions on validated data
  • Separation of system-of-record responsibility to ERP
  • Detailed validation logs and error traceability

GDPR

MachineMetrics complies with GDPR requirements for data protection:

  • Customer data ownership
  • Right to data portability
  • Transparent sub-processor disclosure
  • Data processing agreements available

Data Encryption

In Transit

  • All communication uses TLS 1.2 or higher
  • HTTPS only — no plaintext connections
  • Certificate pinning for Edge devices

At Rest

  • AES-256 encryption for stored data
  • Encrypted database backups
  • Secure key management through AWS KMS

Authentication & Access Control

Single Sign-On (SSO)

MachineMetrics integrates with enterprise identity providers using OIDC (OpenID Connect):

  • Enforce corporate password policies
  • Centralized user provisioning and deprovisioning
  • Session management aligned with corporate security standards

Supported identity providers include:

  • Okta
  • Azure Active Directory
  • Google Workspace
  • OneLogin
  • Any OIDC-compliant IdP

Role-Based Access Control

User permissions are managed through defined roles:

| Role | Access Level |
|---|---|
| Executive | Full system access and configuration |
| Manager | Production data, reports, most settings |
| IT Admin | All Manager permissions + SSO, ERP config |
| Supervisor | Reports and dashboards, limited settings |
| Kiosk | Dashboard display only (read-only) |

Multi-Factor Authentication

  • Available for all user accounts
  • Required for administrative access to infrastructure
  • Supported through SSO provider integration

Cloud Infrastructure Security

MachineMetrics is hosted on Amazon Web Services (AWS) in a Virtual Private Cloud (VPC):

  • Resources compartmentalized into public and private subnets
  • Credential-controlled access with least privilege
  • API access controlled by short-lived authentication tokens
  • Passwords hashed (never stored in cleartext)
  • Continuous monitoring and threat detection

Standard Environment

  • Multi-region AWS deployment
  • Automatic failover and redundancy
  • 99.9% uptime SLA

GovCloud Environment

  • Isolated AWS GovCloud infrastructure
  • US-only data residency
  • Enhanced access controls for cleared personnel

Security Program Practices

MachineMetrics maintains comprehensive security policies including:

| Policy Area | Description |
|---|---|
| Backup | Automated backup procedures to prevent data loss |
| Encryption | Standards for data protection at rest and in transit |
| Change Management | Controlled process for system and product changes |
| Vulnerability Management | Regular scanning, penetration testing, patching |
| Access Control | Principles for controlling system access |
| Authentication | Password and account security requirements |
| Incident Response | Procedures for security incident handling |
| Business Continuity | Disaster recovery and operational resilience |
| Risk Management | Ongoing risk assessment and mitigation |
| Training | Security awareness for all employees |

Continuous Security Monitoring

MachineMetrics maintains a proactive security posture:

  • Regular internal and third-party security reviews
  • Formal incident response and disaster recovery plans
  • Continuous improvement based on threat intelligence
  • 24/7 infrastructure monitoring
  • Automated security alerting

Reporting Security Vulnerabilities

If you identify a security vulnerability, please report it to our security team:

Email: security@machinemetrics.com

Include:

  • Detailed description of the vulnerability
  • Steps to reproduce (if applicable)
  • Any relevant screenshots or logs

We appreciate responsible disclosure and will respond promptly to all reports.


Documentation & Audits

For enterprise IT audits, validation packages, or compliance documentation, contact:

Available documentation includes:

  • ISO 27001 certificate
  • SOC 2 Type II report (upon request)
  • Penetration test summary
  • Data Processing Agreement (DPA)
  • Sub-processor list