Security of the EnergyPlanner software

Web security is as much about advising as it is about having reliable, secure systems in place.These systems are always evolving. Dependencies and modules are never older than a few months and every few development iterations we check for new major versions of our applied technologies.

Technologies

The EnergyPlanner app consists of a mixture of web technologies and a secure API to retain stored data. When you connect to EnergyPlanner, you connect to an Microsoft Azure server in The Netherlands.

Web client

Our web client is a mixture of popular Javascript frameworks like Angular and React , where the 3D world is facilitated by Cesium and the 2D map by Open Layers . Our team continually scans the dependencies we use, whether they are needed, or whether we can do without them. Fewer dependencies mean less risk of unexpected security issues.

API

The API is a Microsoft .NET framework application. This is the only place where your information is stored, and it is safely locked away in a PostgreSQL database and accessible only by two System Administrators. EnergyPlanner administrators and moderators cannot access the database directly but may call up lists of information in an administrative user interface, that in turn are filtered on a need-to-know basis only.

Host

Our host is Microsoft Azure in The Netherlands. It runs a Windows operating system that is regularly updated by itself. The host contains some logging files that are deleted on a regular basis (this saves us some disk space, after all).


Most recent update: June, 4 2025