WHITE PAPER
Driving the Future of Connected Cars with MQTT →

Security

From day one, security has been at the heart of EMQX Cloud. With our comprehensive security features seamlessly integrated, you can focus on managing your data flows while we handle its safeguarding.

Tenant Isolation

EMQX Cloud employs robust tenant isolation mechanisms, ensuring individual user data remains segregated and secure, preventing any cross-tenant vulnerabilities.

Authentication & Authorization

EMQX Cloud provides comprehensive Authentication and Authorization, enabling you to manage how clients access the MQTT broker.

Role-based Access Control

EMQX Cloud allows multiple users per account, enabling precise access control through sub-users and providing audit logs.

Data Confidentiality

EMQX Cloud safeguards your data with end-to-end encryption and provides enhanced options like private network connectivity.

Compliance

EMQX Cloud serves customers across diverse and highly regulated sectors such as energy, manufacturing, automotive, financial services, healthcare, and high-tech. Our built-in compliance aligns with numerous federal, international, and industry-specific mandates. Our specialized compliance team ensures transparency, diligently providing security documents to establish a trusted relationship between our company, products, and our clients.

SOC 2

SOC 2 is a regularly refreshed report that focuses on controls at a service organization relevant to security, availability, processing integrity, confidentiality or privacy. We currently offer SOC 2 Type 1 reports for EMQX Cloud and EMQX Enterprise.

ISO/IEC 27001:2013

The ISO/IEC 27001:2013 is an international standard for information security management systems (ISMS). It provides a systematic approach to managing sensitive information, ensuring its confidentiality, integrity, and availability. EMQ adopts this standard to demonstrate our commitment to information security and to meet various regulatory and client requirements.

ISO/IEC 27701:2019

ISO/IEC 27701:2019 is an extension to the ISO/IEC 27001 Information Security Management and ISO/IEC 27002 Security Controls. As a globally recognized management system standard, ISO/IEC 27701:2019 offers guidance on privacy protection, detailing how organizations should handle personal information. It plays a pivotal role in showcasing compliance with privacy regulations globally. EMQ's adherence to this certification underscores our dedication to privacy and data protection.

ISO/IEC 20000-1:2018

The ISO/IEC 20000-1:2018 is an international standard for service management systems (SMS). It specifies requirements for establishing, implementing, maintaining, and continually improving an SMS to ensure that organizations consistently deliver quality IT services. Adopting this standard demonstrates EMQ’s commitment to efficient service delivery and continuous improvement in IT service management processes.

ISO 9001:2015

ISO 9001:2015 is the international standard for quality management systems (QMS). It sets out criteria for ensuring consistency in products and services, emphasizing continuous improvement and customer satisfaction. EMQ adopts this standard to demonstrate our commitment to delivering high-quality products and services and meeting customer and regulatory requirements.

GDPR Readiness

The General Data Protection Regulation (GDPR) regulates the use and protection of personal data originating from the European Economic Area (EEA), granting individuals control over their data with a focus on transparency and security. Organizations need clear consent for data actions. EMQ is committed to supporting our customers in their GDPR compliance efforts.

HIPAA

HIPAA, the Health Insurance Portability and Accountability Act, is a U.S. law enacted in 1996. It sets standards for protecting sensitive patient health information. It mandates healthcare providers and other covered entities to ensure the confidentiality, integrity, and security of health data. EMQ can support HIPAA-related customer data after a Business Associate Agreement (BAA) has been properly executed with EMQ.

Ready to get started?

Build your IoT solutions using EMQX Cloud, a reliable and trusted MQTT platform with robust security measures, regulatory compliance, and technical excellence.

Try EMQX Cloud →

Engage with Us

We value your insights. Share feedback on our security and compliance measures, and we promise to listen, learn, and elevate.