Security
Security architecture and controls to protect your sensitive business data.
Encryption in transit & at rest·U.S. hosting·NDA by default
Security Architecture
Data Protection
Encryption at Rest
AES-256 encryption for all stored data
Encryption in Transit
TLS 1.3 for all data transmission
Data Residency
US-based infrastructure, data never leaves US
Secure Key Management
AWS KMS with automatic key rotation
Access Controls
Multi-Factor Authentication
Required for all system access
Role-Based Access
Principle of least privilege
Audit Logging
Complete activity tracking and monitoring
Session Management
Automatic timeout and secure session handling
Compliance & Certifications
SOC 2 Type II
In progress.
Security, availability, processing integrity, confidentiality, and privacy controls.
Data Processing Agreement
Standard DPA available for all client engagements.
GDPR-compliant data processing terms and data protection measures.
Mutual NDA
Default confidentiality agreement for all engagements.
Protects both client and firm confidential information.
Data Handling & Retention
Data Collection
- • Financial statements and operational data
- • Vendor and customer information
- • Risk exposure and historical data
- • Market and economic indicators
Data Retention
- • Active engagement: Full data retention
- • Post-engagement: 7 years minimum
- • Data deletion on request (contractual)
- • Regular data purging protocols
Security Brief
Download our comprehensive 2-page security brief with detailed architecture diagrams and control descriptions.
Download Security Brief (PDF)Data Protection & NDAs
For data processing agreements, NDAs, or security documentation requests, please contact us.
Contact Us