Effective Date: March 2026
Security at Rune Energy
Rune Energy takes a security-first approach to protecting operational systems and customer data. Our security program is built around industry best practices and includes the following core controls:
Infrastructure Security
Rune Energy deploys systems within segmented networks and protected infrastructure environments. Access to operational systems is restricted to authorized personnel and protected through secure authentication mechanisms.
Access Control
Access to internal systems is governed by least-privilege principles and multi-factor authentication where supported. Access rights are reviewed periodically.
Encryption
Sensitive communications are encrypted in transit using industry standard TLS protocols. Where applicable, sensitive data stored in systems is encrypted using modern encryption technologies.
Monitoring and Alerting
Operational systems are continuously monitored for anomalous behavior. Automated alerts notify engineers of operational or security events requiring investigation.
Incident Response
Rune Energy maintains a formal Incident Response Plan outlining procedures for detection, containment, investigation, and remediation of security incidents. The plan is periodically tested through tabletop exercises.
Secure Development Practices
Software developed by Rune Energy follows secure development practices including vulnerability monitoring and controlled deployment procedures.
Compliance and Governance
Rune Energy maintains an information security program aligned with industry frameworks including SOC 2 security principles.
For security-related inquiries please contact:
security@rune.energy