As emissions data becomes central to regulatory compliance, operational decision-making, and corporate credibility, data security, governance, and trust matter more than ever. Behind every emissions data point and intelligence platform is a complex technology and security foundation designed to protect sensitive operational data while enabling timely, actionable insight.
In this Q&A, Anthony Mitchell Jr., Director of Information Technology at Bridger Photonics, shares how decades of experience across highly regulated industries, including biomedical, manufacturing, and the petroleum sector at the American Petroleum Institute, shape Bridger’s approach to securing emissions data at scale.
Thirty years ago I began my career working across a diverse set of industries, including manufacturing, entertainment, theme parks, and biomedical organizations. Each environment exposed me to different operational demands, but it was during my time in the biomedical sector that I truly realized the critical importance of strong governance and compliance. Working in an industry where data integrity, patient safety, and regulatory oversight are non-negotiable made it clear that technology without structure and accountability can quickly become a liability.
That realization stayed with me as I later moved into the oil and gas industry, working with the American Petroleum Institute. While the domain was different, the stakes were just as high. The lessons I learned in biomedical around disciplined governance, risk management, and compliance translated directly into my work at API, where secure, well-governed IT systems are essential to protecting infrastructure, ensuring safety, and maintaining industry trust.
I’ve always been a futurist, drawn to what’s next in IT and how emerging technologies shape the way organizations operate. Over time, this mindset led me to focus on the convergence of IT, security, and compliance as a unified discipline rather than separate functions. As I often say, “Technology only reaches its full potential when IT, security, and compliance are fully immersed. Governance isn’t a barrier to innovation, it’s what makes innovation sustainable.”
Methane measurement and emissions data now directly influence regulatory compliance, financial performance, and corporate credibility, which makes the integrity and security of that data absolutely critical. Decisions around asset valuation, reporting obligations, investment strategy, and public trust are increasingly driven by emissions data, so any compromise can have real financial and reputational consequences.
From a security perspective, this data sits at the intersection of operational technology, analytics platforms, and external reporting frameworks. Ensuring that emissions data is accurate, traceable, and protected isn’t just an IT concern, it’s a business imperative.
SOC 2 compliance, in practical terms, is about trust and accountability. For our customers and partners, it means there is independent, third-party validation that our systems and processes are optimized for to protect data consistently and responsibly. It goes beyond policy on paper, and looks at how security, availability, confidentiality, and data handling actually function in day-to-day operations.
From a customer perspective, SOC 2 demonstrates that access controls, monitoring, incident response, and change management are not ad hoc; they are repeatable, documented, and tested. It provides assurance that sensitive data and systems are handled with the same rigor, whether it’s being collected, processed, stored, or shared.
Just as importantly, SOC 2 creates transparency. Customers and partners don’t have to rely solely on promises; they can rely on evidence. SOC 2 isn’t about checking a compliance box, it's about proving, through real operational controls, that trust is earned and maintained over time.
Q4: How does the company ensure customer data (like emissions measurements, facility locations, and operational insights) remains secure throughout its lifecycle?
Ensuring customer data remains secure throughout its entire lifecycle starts with understanding that protection doesn’t end at collection. Instead, it extends through processing, storage, access, and eventual retention or disposal. From the moment emissions measurements and operational data are ingested, security controls are applied to preserve confidentiality, integrity, and availability.
We implement layered protections such as encryption, and strict access controls to ensure sensitive information like facility locations and operational insights are only accessible to authorized users. Continuous monitoring and logging provide visibility into how data is accessed and used, allowing us to quickly detect and respond to anomalies or potential threats.
Equally important is governance. Clear data handling standards, retention policies, and regular reviews ensure customer data is managed responsibly as systems scale. Data security isn’t a single control or moment in time, it's truly a continuous lifecycle commitment that follows the data wherever it goes.
Beyond SOC 2, one of the most important security investments we make is in our people. As our emissions intelligence scales globally, we recognize that technology alone isn’t enough. Well-trained, security-aware staff are critical to protecting systems and data. Ongoing security training is embedded across the organization, ensuring employees understand not only what the controls are, but why they matter and how their individual actions impact risk.
For our IT and engineering teams, training goes deeper and is continuous. This includes secure system design, access management, incident response, and operating in regulated environments. As the platform evolves, so do the skills required to secure it, and we place strong emphasis on keeping teams aligned with emerging threats, best practices, and compliance expectations.
Equally important is fostering a culture of shared responsibility. Security is not isolated within IT, but rather it’s part of how the organization operates at every level. Scalable security starts with educated people; when staff understand the mission and the risks, security becomes part of the workflow, not an afterthought. This people-first approach allows us to grow globally while maintaining the integrity, availability, and trust our customers rely on.
Balancing strong security controls with fast access to actionable emissions data comes down to designing security as an enabler, not a barrier. The goal isn’t to slow teams or customers down, it’s to make secure access seamless, predictable, and aligned with how people actually work. That starts with clearly defined roles, permissions, and data classification so users can get exactly what they need, when they need it, without unnecessary friction.
From an internal perspective, we focus on secure-by-design systems that integrate access controls, auditing, and automation directly into workflows. This allows teams to move quickly while maintaining visibility and accountability. For customers, it means secure, reliable access to trusted data without having to navigate complex or opaque security processes.
Ultimately, it’s about intentional design and governance. The best security is the kind users barely notice because it’s built into the experience, not bolted on afterward. When security and usability are aligned, organizations can act on emissions data confidently and at speed, without compromising trust or integrity.
At the end of the day, this work is about far more than technology, data, or compliance. It’s about people. In this industry, keeping men and women safe is paramount, and the systems we build and protect play a real role in that mission. The work we do helps ensure that customers can operate responsibly, that risks are identified early, and that people can go home to their families at the end of the day.
I often remind my team that this is important work. What we do contributes to someone’s mom or dad making it home safely, living long enough to put their kids through college, celebrate milestones, get married, or simply be there to offer a hug and a kiss. When you frame it that way, security and governance stop being abstract concepts, and they become a responsibility. And that responsibility is what drives me every day.
As emissions data continues to shape regulatory outcomes, operational decisions, and public accountability, the systems behind that data matter as much as the measurements themselves.
Security, governance, and compliance are not separate from emissions intelligence—they are foundational to its credibility, usability, and long-term value.
Anthony’s perspective underscores a simple truth: trusted data is built through intentional design, disciplined governance, and a culture that treats security as a shared responsibility. By embedding these principles into the technology stack from the outset, Bridger ensures emissions intelligence remains secure and accessible as customers scale their programs globally.