Effective Date: March 2026
Security at Rune Energy
Rune Energy takes a security-first approach to protectingoperational systems and customer data. Our security program is built aroundindustry best practices and includes the following core controls:
Infrastructure Security
Rune Energy deploys systems within segmented networks and protectedinfrastructure environments. Access to operational systems is restricted toauthorized personnel and protected through secure authentication mechanisms.
Access Control
Access to internal systems is governed by least-privilege principles andmulti-factor authentication where supported. Access rights are reviewedperiodically.
Encryption
Sensitive communications are encrypted in transit using industry standard TLSprotocols. Where applicable, sensitive data stored in systems is encryptedusing modern encryption technologies.
Monitoring and Alerting
Operational systems are continuously monitored for anomalous behavior.Automated alerts notify engineers of operational or security events requiringinvestigation.
Incident Response
Rune Energy maintains a formal Incident Response Plan outlining procedures fordetection, containment, investigation, and remediation of security incidents.The plan is periodically tested through tabletop exercises.
Secure Development Practices
Software developed by Rune Energy follows secure development practicesincluding vulnerability monitoring and controlled deployment procedures.
Compliance and Governance
Rune Energy maintains an information security program aligned with industryframeworks including SOC 2 security principles.
For security-related inquiries please contact:
security@rune.energy