Learn more about Umovity.
  Learn more about Umovity.
Skip to navigation Skip to content
Econolite
  • Products
    • Cabinets
      • ATCC
      • Blue Series
      • NEMA
      • Safetran
      • Battery Backup Systems
      • Additional Components
    • Controllers
      • EOS
      • 2070 Series
      • Cobalt®
      • ATC Controller Modules
    • Sensors
      • EPIQ RADAR™
      • Autoscope® OptiVu
      • Autoscope® Vision
    • Software
    • Professional Services
      • Integration
      • Field Services
      • Design & Design Build Services
      • Signals as a Service
  • Application Areas
  • Support
    • Learning Center
    • Technical Documentation
    • Support Request
    • Webinars
  • About
    • Leadership
    • Success Stories
    • ESG Pledge
    • News
      • Press
      • Events
    • Evolving Econolite
    • Contact Us
  • Careers
    • Why Work Here
    • Opportunities
    • Application Process
    • Our Values
    • Our Mission, Our Culture
  • Products
    • Cabinets
      • ATCC
      • Blue Series
      • NEMA
      • Safetran
      • Battery Backup Systems
      • Additional Components
    • Controllers
      • EOS
      • 2070 Series
      • Cobalt®
      • ATC Controller Modules
    • Sensors
      • EPIQ RADAR™
      • Autoscope® OptiVu
      • Autoscope® Vision
    • Software
    • Professional Services
      • Integration
      • Field Services
      • Design & Design Build Services
      • Signals as a Service
  • Application Areas
  • Support
    • Learning Center
    • Technical Documentation
    • Support Request
    • Webinars
  • About
    • Leadership
    • Success Stories
    • ESG Pledge
    • News
      • Press
      • Events
    • Evolving Econolite
    • Contact Us
  • Careers
    • Why Work Here
    • Opportunities
    • Application Process
    • Our Values
    • Our Mission, Our Culture

Trust is the foundation of everything we do at Econolite.

As a global leader in mobility and traffic management solutions, we are deeply committed to transparency, data security, and responsible innovation.

This page highlights how we build and sustain your trust—through adherence to certified standards, deployment of reliable technologies, and a steadfast commitment to ethical and sustainable practices.

If you have questions or would like to learn more about our dedication to secure, trusted mobility solutions, we welcome the opportunity to connect.

Contact Us

Certification | Data Protection | Compliance | Data Security | Policies | Governance, Process, and Culture | Secure Software Development & Vulnerability Management | Infrastructure, Resilience, & Endpoint Security

Certification

ISO9001:2015 Certification

Econolite is certified to the internationally recognized ISO 9001:2015 standard, demonstrating our commitment to establishing, implementing, maintaining, and continually improving the quality and reliability of our hardware and software products for traffic and transportation management.

ISO Certificate (PDF) →

ESG (Environmental, Social, and Governance)

We integrate ESG principles into our corporate governance framework, ensuring that our security and privacy practices align with broader commitments to ethical business conduct, sustainability, and social responsibility.

Third-Party Audit Reports

Econolite engages independent security experts to conduct regular penetration tests and security assessments. Summaries of these third-party audit findings are made available to customers to demonstrate our ongoing commitment to identifying and mitigating vulnerabilities in our products and infrastructure.

Data Protection

Legal Compliance

Econolite is committed to safeguarding data and ensuring privacy rights across all jurisdictions in which we operate. We maintain data protection practices that align with the California Consumer Privacy Act (CCPA), the Colorado Privacy Act (CPA), and other applicable state-level regulations. We act as a responsible data processor and controller, ensuring personal data is handled lawfully, transparently, and securely. Our privacy practices include data minimization, user consent management, and robust technical and organizational safeguards.

Privacy by Design and by Default

We integrate privacy considerations into every stage of product development and business processes. Default configurations prioritize data protection by minimizing data collection and providing users with clear, accessible privacy controls.

Data Processing Agreement

To support our customers in meeting their data protection obligations, Econolite offers a Data Processing Agreement (DPA) for all applicable products and services.

Compliance

Code of Conduct

Econolite maintains a strict Code of Conduct that governs ethical behavior and compliance with laws and regulations by all employees, suppliers, and business partners. This code supports a culture of integrity and accountability.

Whistleblower Policy

Econolite adheres to strict ethical standards, ensuring transparency, accountability, and compliance with all applicable laws. Econolite maintains an independent anonymous service at https://app.mycompliancereport.com/report?cid=ECNTE to report concerns and suspected wrongdoing, without fear of retaliation.

Supplier and Third-Party Risk Management

We maintain a third-party risk management program to ensure that suppliers and business partners meet our compliance standards, minimizing risks throughout our supply chain.

Build America, Buy America Act (BABA)

We make available manufactured products that are fully compliant with current BABA requirements, ensuring that our customers can meet the procurement standards applicable to federally funded infrastructure projects, as necessary.

Data Security

Data Classification and Handling

We follow a data classification framework to manage information according to its sensitivity and business impact. Data is categorized (e.g., public, internal, confidential) and handled with appropriate controls to ensure its protection throughout its lifecycle.

Secure Backup and Data Recovery

We maintain encrypted backups of critical data, stored in geographically diverse locations. Regular testing of backup and recovery procedures ensures data availability and integrity in the event of accidental loss or disaster.

Data Isolation

Data belonging to different customers or business units is logically separated within our systems. This isolation prevents unauthorized access and ensures that each customer’s data remains private and secure.

Secure Key Storage and Rotation

Encryption keys are managed using dedicated key management systems, with strict access controls and regular rotation policies. Keys are stored securely, and their lifecycle is governed by best practices to minimize risk.

Data Retention and Deletion Policies

Clear data retention policies define the length of time information is stored and when it is securely deleted. We strive for timely removal of data that is no longer required, in compliance with legal and contractual obligations.

Governance, Process, and Culture

Security Governance

Our security governance framework establishes roles, responsibilities, and oversight for information security. A dedicated team oversees policy development, risk management, and compliance activities, ensuring alignment with organizational objectives.

Security Awareness Training for Employees

All employees receive mandatory security awareness training tailored to their roles. Training covers topics such as phishing, social engineering, and secure data handling, empowering staff to recognize and respond to security risks.

Security Policies and Procedures

A comprehensive set of security policies and procedures guides all aspects of our operations. These documents are regularly reviewed and updated to reflect evolving threats, regulatory requirements, and industry best practices.

Security Incident Management

We maintain a robust incident management process to detect, respond to, and recover from security events. Incidents are thoroughly investigated, and lessons learned are used to strengthen our defenses and prevent recurrence.

Security Culture

We foster a strong security culture through ongoing education, leadership commitment, and employee engagement. Security is integrated into our daily operations, encouraging proactive risk management and responsible behavior at all levels.

Business Continuity Management

Our business continuity program ensures that critical operations can continue during and after disruptive events.

Security Risk Assessments

Regular risk assessments are conducted to identify and evaluate potential threats to our information assets. Findings drive the implementation of targeted controls and continuous improvement of our security posture.

Secure Software Development & Vulnerability Management

System and Organization Controls (SOC) Compliance

Econolite maintains rigorous SOC 2 and SOC 3 compliance for its Centracs® Mobility software, demonstrating our commitment to data security, system availability, and confidentiality. These independent audits validate that our systems and processes meet strict trust service criteria, assuring our customers that their data is handled with the highest standards of integrity and protection. SOC 3 reports, which can be made available upon request, further reinforce our dedication to transparency and secure mobility solutions.

Secure Software Development Lifecycle (SDLC) 

We follow a mature SDLC process for the development, testing, and release of our products. We apply secure coding standards and conduct regular PR reviews as part of our software development process.

Code Review and Static Code Analysis

All code undergoes review and static analysis to identify vulnerabilities and ensure adherence to security standards. Automated tools and peer reviews help maintain code quality and reduce risk.

Penetration Testing

Regular penetration tests are conducted by independent experts to identify and address vulnerabilities in our applications and infrastructure. Findings are prioritized and remediated promptly to maintain a strong security posture.

Patch and Vulnerability Management

Critical systems are regularly updated with security patches to address emerging threats. Our patch management process ensures that vulnerabilities are promptly identified and resolved, minimizing exposure to potential attacks.

Vulnerability Management and Remediation

We operate a continuous vulnerability management program, leveraging automated scanning and manual assessments. Identified issues are tracked, prioritized, and remediated according to risk, ensuring timely mitigation.

Infrastructure, Resilience & Endpoint Security

High Availability and Redundancy

Our infrastructure is architected for high availability through our Azure SaaS platform, leveraging redundant systems and failover mechanisms to minimize downtime. Built-in Azure capabilities, combined with continuous monitoring and automated recovery processes, ensure that our services remain accessible and reliable even during unexpected events.

System Hardening and Baseline Configuration

We apply system hardening measures to all infrastructure components, removing unnecessary services and applying secure configuration baselines. Regular reviews and automated compliance checks ensure that systems remain resilient against emerging threats and adhere to industry best practices.

Endpoint Protection and Antivirus

All endpoints are protected by advanced security solutions, including antivirus, anti-malware, and Endpoint Detection and Response (EDR) tools. Regular updates and real-time monitoring help prevent, detect, and respond to threats targeting user devices and servers.

Backup and Disaster Recovery Planning

Robust backup strategies are in place to safeguard critical data, with encrypted backups stored in geographically diverse locations. Our disaster recovery plans are regularly tested to ensure rapid restoration of services and data integrity in the event of system failures or disasters.

Policies

Security Policies and Procedures

A comprehensive suite of security policies and procedures governs all aspects of our operations. These documents are regularly reviewed and updated to reflect changes in the threat landscape, regulatory requirements, and organizational priorities.

Incident Response Policy

A formal Incident Response Policy defines the procedures for detecting, reporting, and responding to security incidents. The policy ensures a coordinated and effective response to minimize impact and support continuous improvement.

Least Privilege Principle

Access to systems and data is granted strictly on a need-to-know basis. The least privilege principle is enforced across all roles and environments, minimizing the potential impact of compromised accounts or insider threats.

Acceptable Use Policy

Our Acceptable Use Policy outlines the appropriate and prohibited uses of company technology resources, ensuring that all users understand their responsibilities and the consequences of policy violations.

Whistleblower Policy

We foster a culture of transparency and accountability through our Whistleblower Policy, which provides secure and confidential channels for reporting concerns about improper, unethical, or illegal conduct without fear of retaliation.

Password Policies and Management

We enforce strong password policies, including complexity requirements, regular rotation, and secure storage. Password management tools and multi-factor authentication are used to further strengthen account security and reduce the risk of unauthorized access.

Identity Lifecycle Management 

We maintain strict controls over the entire identity lifecycle, from onboarding to offboarding. Automated processes ensure timely provisioning and deprovisioning of access, reducing the risk of orphaned accounts and unauthorized access.

Segregation of Duties

Critical functions are separated among different individuals or teams to prevent conflicts of interest and reduce the risk of fraud or error. Segregation of duties is enforced through technical controls and regular audits.

Periodic Access Reviews

Regular access reviews are conducted to validate that permissions remain appropriate for each user’s role. Any unnecessary or excessive privileges are promptly revoked, ensuring continuous alignment with security and compliance requirements.

1250 N. TUSTIN AVE.
ANAHEIM, CA 92807
(714) 630-3700
Solutions that
Move the World

Resources

  • Contact Us
  • Give Feedback
  • Learning Center
  • Marketing Communications
  • Support Request
  • Technical Documentation

Stay Connected

  • LinkedIn
  • Instagram
  • Facebook
  • X
  • Youtube

Legal

  • Compliance with Human Trafficking Laws and Regulations
  • Trust Center
  • Privacy Policy
  • Proposition 65 Warning
  • Supplier Code of Conduct
  • Terms of Use
COPYRIGHT © 2025 ECONOLITE. ALL RIGHTS RESERVED.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT