Technology group Wärtsilä has successfully obtained SOC 2 Type 1 compliance for its GEMS Cloud Connect software, previously known as GEMS Fleet Director. The independent certification confirms that Wärtsilä has strong security and operational controls in place for the GEMS platform. The compliance was achieved after completing a detailed third-party audit with Insight Assurance in September 2025.
The certification strengthens confidence in Wärtsilä’s digital systems and highlights the company’s continued focus on cybersecurity, data protection, and operational excellence for customers worldwide.
GEMS Cloud Connect is a cloud-based platform designed to help customers maximise the value of energy storage systems and hybrid energy fleets. To secure the SOC 2 Type 1 report, Wärtsilä underwent a comprehensive external assessment. The audit reviewed the design of internal controls related to security, availability, and processing integrity across the GEMS platform.
Following this milestone, Wärtsilä is now preparing for a SOC 2 Type 2 audit. Unlike Type 1, which evaluates control design, Type 2 examines how effectively those controls perform over time. The company stated that pursuing the Type 2 certification reflects its long-term commitment to maintaining high cybersecurity standards in critical energy infrastructure.
“Trust and security are paramount when it comes to energy infrastructure”, said Luke Witmer, Vice President of Software Engineering for Wärtsilä Energy Storage. “Achieving SOC 2 Type 1 compliance is another way we reassure our customers that cybersecurity is ingrained in our products and processes. We are fully dedicated to protecting our customers’ data and the critical energy infrastructure they entrust to our solutions. Maintaining alignment with leading global standards positions the GEMS platform to meet the rising security expectations of customers and regulators, while supporting the resilience and reliability of the evolving energy ecosystem.”
The platform uses cloud architecture with layered security features such as encryption, user authentication, role-based access control, and detailed audit logging. GEMS Cloud Connect is currently deployed at dozens of sites globally, helping utility and industrial customers expand energy storage and renewable energy uase safely.
This success is a step forward in Wärtsilä’s overall cybersecurity plan. The company has an Information Security Management System (ISMS) that covers the whole company, and its most important applications that store customer data meet the ISO/IEC 27001:2022 standards. Also, its GEMS Power Plant Controller (PPC) has been certified by IEC 62443-4-1 and IEC 62443-4-2.
With this certification, Wärtsilä further strengthens its position as a trusted partner in digital energy infrastructure.
Electrify your feed! Click here to join our Whatsapp group and to get the latest updates, expert insights, and innovations driving India’s energy storage revolution.
