Security & Compliance

Our platform is built with enterprise-grade safeguards across data protection, identity, observability, and business continuity.

  • Confidentiality
  • Integrity
  • Availability

Data Protection

  • In transit: TLS 1.2+ for all endpoints
  • At rest: database & file encryption (Azure-managed)
  • Key management: Keys stored in Azure Key Vault
  • PII handling: Field-level access & audited views

Access Control

  • SSO: Microsoft Entra ID (Azure AD)
  • MFA: Enforced via your IdP
  • RBAC: Role-based permissions and least privilege
  • Session: Short-lived access tokens with refresh-token rotation

Audit & Observability

  • Immutable audit logs for sign-in, access, and admin changes
  • Application & infrastructure logging with retention

Backups & DR

  • Automated backups with point-in-time restore windows
  • Redundancy within Azure regions
  • Documented RPO/RTO targets

Vulnerability Management

  • Dependency monitoring and routine patching
  • Regular vulnerability scans
  • Penetration testing at planned intervals

Compliance

  • Data Processing Addendum (DPA) available on request
  • Subprocessor transparency

Incident Response

We follow a documented incident response process including classification, containment, customer notification, and post-incident review.