Safe and Secure Drones
You Can Trust

Enterprise and government customers rely on DJI drone platforms for their most complex operations. DJI meets your enhanced data security and privacy needs with expanded user controls so you can focus on your operation.

Enhanced Privacy Controls

Choose A Security Mode

During initial account set-up, DJI Pilot 2 will ask the operator to choose between a range of Network Security Modes. Easily toggle between these modes at any time via the app’s Settings.

Fly & Update Your Drone Offline

Operators can download map updates, firmware upgrades and unlock GEO zones while remaining offline. This gives operators the option to conduct a security review before uploading the updates to their drones via an SD card.

Encrypt Drone Data

Add a security code to prevent any unauthorized party from accessing the media data on your drone. DJI employs AES-256-XTS encryption, with the key generated randomly for each use, and protected by the secure code set by the user. The media data is non-decryptable - not even by DJI.

Clear Device Log

Tap "Clear All Device Data" via the Settings in DJI Pilot 2 to erase your drone data, including drone logs, payload logs (excluding logs from third-party payloads) and/or remote controller logs.

Secure Drones For Secure Missions

Secure Boot

Protects the integrity of a drone’s software system and prevents malware or other unauthorized software from running on the device.

Secure Key Management

Ensures product keys are generated, stored and used in a secure manner. DJI products use a secure engine which has been certified with FIPS 140-2.

Secure Storage Devices

DJI products employ various security mechanisms to protect sensitive data, such as keys and serial numbers, from unauthorized access.

Secure Cloud

No flight logs, images or videos are shared by default

Drone data, when shared with DJI, is TLS-protected and housed in
ISO 27001-compliant U.S. servers.

ISO 27001-certified DJI FlightHub 2

DJI FlightHub 2 is ISO 27001-certified and is an option for operators who want to manage teams, drone fleets and media libraries efficiently.

Compliant Security

DJI adheres to data laws and regulations in the markets it operates in. Personal information which may include name, email or approximate location (when geofencing is switched on), if shared with DJI, is AES-256 encrypted.

ISO 27001-certified Security Management

DJI performs regular log security checks and penetration tests to promptly discover and address potential vulnerabilities. All R&D terminals are installed with antivirus protections.

Secure End-to-End Communications

Private Cloud Deployment
Through DJI SDK

Third party developers can develop private cloud solutions

Use a range of standard protocols including MQTTS, HTTPS or Websocket through DJI’s Cloud API.

Independent Security Validations

Independent third parties regularly assess our drone security and data privacy practices. The findings continue to validate our alignment with industry best practices and ability to effectively protect user data.

2023

ISO 27001 Certification for DJI FlightHub 2

Validates that the design, development & operational services comply with information security management standards.

2022

NIST FIPS 140-2 Certification for DJI Core Crypto Engine

The DJI Core Crypto Engine, which serves as the secure engine of DJI drones, obtained NIST FIPS 140-2 certification, formally validated by the U.S. and Canada Governments.

2022

TÜV SÜD

The German testing and certification firm found that cybersecurity capabilities & privacy protections of DJI drones covered by the test meet NIST IR8259 & ETSI EN 303645 standards.

2020

FTI Consulting

The global cybersecurity firm validated Local Data Mode and noted DJI’s employment of security best practices.

2020

Booz Allen Hamilton

Reviewed DJI’s GE Mavic Pro, GE Matrice 600 Pro and Mavic 2 Enterprise and found no evidence that data collected by drones was transmitted to DJI, China or any other unauthorized party.

2019

U.S. Department of Interior

The DOI conducted thorough tests on the DJI Government Edition (GE) drones and found no indication that data was being transmitted outside the system, confirming that they were operating as promised by DJI.

2019

Idaho National Lab

The Idaho National Laboratory conducted a cybersecurity test which involved DJI Matrice 600 Pro and Mavic Pro GE edition drones. The report found "no major areas of concern related to data leakage, thereby supporting that the multi-layered mitigations DOI has in place are in fact working as designed to meet their published security requirements".

2018

KIVU

The global technology and consultancy firm’s audit found DJI did not access photos, videos or flight logs generated by the drones unless drone operators voluntarily chose to share them.

Drone data shared by users based in China is stored on Chinese servers.
Consumer and enterprise drone data shared with DJI outside of China is housed in U.S.-based cloud servers.
Agras drone data is stored in servers based in the U.S., Japan or Europe, depending on which region the customer is based in.

Please contact datasecurity@dji.com email if you have any questions.