Security
Protecting your device fleet data is our top priority. Here's how Et'al MDM keeps your organization secure.
Encryption at Rest & In Transit
All data is encrypted using AES-256 at rest and TLS 1.3 in transit. Device communications, policy payloads, and telemetry data are never transmitted in plaintext.
Role-Based Access Control
Granular permissions ensure users only access what they need. Administrators, field technicians, and viewers each have isolated permission scopes with audit-logged access.
Row-Level Security
Multi-tenant data isolation is enforced at the database level using PostgreSQL Row-Level Security policies. Tenant data is never accessible across account boundaries.
Self-Hosted Option
Deploy Et'al MDM on your own infrastructure using Docker. Full data sovereignty — your device data, policies, and telemetry never leave your network.
Audit Logging
Every administrative action — device enrollment, policy changes, command execution, user management — is logged with timestamps, actor identity, and IP address.
Secure Authentication
SSO/SAML integration with Okta, Azure AD, and Google Workspace. Multi-factor authentication support. Session management with configurable timeouts.
Certificate Management
SCEP server for automated certificate enrollment. Push certificate management for APNs. All certificates are stored encrypted with automatic renewal tracking.
Infrastructure Security
Cloud deployments run on SOC 2 compliant infrastructure. Regular security audits, dependency scanning, and penetration testing. 99.9% uptime SLA.
Compliance
- SOC 2 Type II compliance (in progress)
- GDPR-ready data handling and right-to-erasure support
- CCPA compliant data processing
- Regular third-party penetration testing
- Automated dependency vulnerability scanning
- Incident response plan with 24-hour notification
Report a Vulnerability
If you discover a security vulnerability, please report it responsibly to security@etalmdm.com. We take all reports seriously and will respond within 48 hours.