ISO 27001 Certification & Security Standards

At Energocentrum, we have successfully achieved ISO/IEC 27001:2022 certification. This milestone proves that information security is not just a feature, but an inseparable part of our high-quality building automation systems.

This certification validates our commitment to standardized risk management and the protection of critical infrastructure data.

Our internal management systems have been overhauled to focus on three core pillars:

• Software Lifecycle: Security is integrated directly into the engineering and code management processes for our TZB and energy software.
• SaaS Reliability: All cloud operations run within a verified framework specifically audited for information security.
• Risk Mitigation: We provide professionals with the tools needed to handle modern security requirements (such as NIS2) with confidence.

The Mervis Portal acts as the central line of defense for your projects. We have introduced several features to help administrators enforce enterprise-grade security:

To protect critical infrastructure access, the Portal supports:

• Multi-Factor Authentication (MFA): Administrators can enforce mandatory MFA using TOTP (Time-based One-Time Password) or SMS for all users.
• Password Policies: Strict password quality requirements can be implemented across all domains and subdomains.
• User Provisioning: Streamlined tools allow for the direct generation and secure delivery of credentials to new users.

To prevent data loss and improve collaboration, the Portal includes enhanced Project History capabilities:

• Audit Trails: Users can view a detailed history of file changes for their projects to track who modified what and when.
• Disaster Recovery: The system enables the downloading of previously deleted files from the project history, acting as a safety net against accidental deletions.

For more details on the official standard, visit the ISO/IEC 27001 Standard page.