Skip to main content

Infrastructure and Application Security

Security is a core feature built into the Droplet Platform and line of products, from infrastructure down to lines of code.

Modern policies and procedures combined with the use of leading industry services are in place at Droplet to maintain data security and the privacy of any users interacting with our systems.

Droplet Security

Operational Security

Encrypted in Transit

All traffic is secured in transit with TLS.

Encrypted at Rest

All data, including backups, are also encrypted at rest.

Minimal Footprint

The principle of least privilege is applied to the openness of systems.

Preventative Action

A proactive approach is taken to detect when systems and libraries require updates.

DDOS Prevention

We use state-of-the-art services to detect and drop malicious traffic.


Our platform is monitored at the network, system, and application levels.


Automation is leveraged where it makes sense for stable operations.

Separation of Roles

Role based access is used at both infrastructure and application levels.

Turn-Key Rebate Processing for Your Agency!

Application Security

Password Security

Passwords are never stored in plain text and cannot be decrypted.

Secure Defaults

Applications are designed with secure defaults set out of the box.

API Tokens

API Tokens are treated with the same level of security as passwords.


Only well established, industry standard encryption algorithms are in use.

California Water Services Group
American Water
Santa Clarita Valley Water District
Western Municipal Water District
Municipal Water District of Orange County
Desert Water Agency