Data Protection
Encryption
- All data in transit is encrypted using TLS 1.3
- All data at rest is encrypted using AES-256
- Database connections are encrypted with TLS
- Encryption keys are managed using cloud-native key management services
Multi-Tenant Architecture
- Strict data isolation between tenants, enforced in the database with PostgreSQL Row-Level Security
- Tenant context is verified on every API request
- Cross-tenant data access is denied at the database layer, not only in application code
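As an added illustration of the Row-Level Security pattern described above (example code, not Decisio's own schema or policies), the following shows the pieces that make tenant isolation hold at the database layer: a non-superuser application role, a policy keyed on a per-transaction setting, and a request that sets that context before touching data. The table name `decisions`, the role `app_user` and the setting name `app.current_tenant` are assumptions for the example.

```sql
-- Added example of PostgreSQL Row-Level Security for tenant isolation.
-- Table, role and setting names are illustrative, not Decisio's.

CREATE TABLE decisions (
    id        bigserial PRIMARY KEY,
    tenant_id uuid NOT NULL,
    title     text NOT NULL
);

-- The application must connect as a role that is neither a superuser nor
-- marked BYPASSRLS; both skip policies entirely.
CREATE ROLE app_user NOLOGIN;
GRANT SELECT, INSERT, UPDATE, DELETE ON decisions TO app_user;
GRANT USAGE, SELECT ON SEQUENCE decisions_id_seq TO app_user;

ALTER TABLE decisions ENABLE ROW LEVEL SECURITY;
-- FORCE applies the policy to the table owner as well, so a migration or
-- admin tool connecting as the owner does not silently bypass isolation.
ALTER TABLE decisions FORCE ROW LEVEL SECURITY;

-- The policy reads the tenant from a transaction-scoped setting.
-- current_setting(..., true) returns NULL if the setting was never defined,
-- and NULLIF covers the empty-string case; a NULL comparison is never true,
-- so a request that forgot to set its tenant context sees no rows rather
-- than all rows. WITH CHECK applies the same rule to INSERT/UPDATE, so a
-- request cannot write a row belonging to another tenant.
CREATE POLICY tenant_isolation ON decisions
    FOR ALL
    TO app_user
    USING (tenant_id = NULLIF(current_setting('app.current_tenant', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.current_tenant', true), '')::uuid);

-- Per request, executed as app_user. SET LOCAL is scoped to the transaction,
-- so a pooled connection cannot carry one tenant's context into the next
-- request. The UUIDs are constructed sample values.
BEGIN;
SET LOCAL app.current_tenant = '11111111-1111-1111-1111-111111111111';

INSERT INTO decisions (tenant_id, title)
VALUES ('11111111-1111-1111-1111-111111111111', 'Q3 pricing review');

-- A write for a different tenant fails the WITH CHECK clause:
--   INSERT INTO decisions (tenant_id, title)
--   VALUES ('22222222-2222-2222-2222-222222222222', 'not mine');
--   ERROR: new row violates row-level security policy for table "decisions"

-- Reads are filtered without any WHERE tenant_id = ... in application code.
SELECT id, title FROM decisions;
COMMIT;

-- Outside a transaction with the setting, the same query returns zero rows.
SELECT id, title FROM decisions;
```

In application code the tenant value should be passed as a bound parameter via `SELECT set_config('app.current_tenant', $1, true)` rather than interpolated into a `SET LOCAL` string, and the value should come from the authenticated principal, never from a client-supplied field. Two checks worth automating: confirm the application role has neither `rolsuper` nor `rolbypassrls` set in `pg_roles`, and confirm every tenant-scoped table has `relrowsecurity` and `relforcerowsecurity` true in `pg_class`.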
Access Control
- Role-based access control (RBAC) with granular permissions
- Multi-factor authentication (MFA) available for all accounts
- Single Sign-On (SSO) support for enterprise plans
- Session management with automatic timeout
- API access is authenticated with API tokens
Infrastructure Security
- Hosted on enterprise-grade cloud infrastructure
- Network isolation with VPC and security groups
- DDoS protection and WAF
- Regular security patches and updates
- Multi-region deployment for disaster recovery
Monitoring & Incident Response
- 24/7 infrastructure monitoring
- Automated alerting for security anomalies
- Comprehensive audit logging of all actions
- Documented incident response procedures
- Regular security drills and tabletop exercises
Compliance
We are committed to meeting industry security standards:
- SOC 2 Type II: In progress
- GDPR: Compliant
- ISO 27001: Planned
Security Testing
- Regular vulnerability assessments
- Annual third-party penetration testing
- Continuous security scanning in CI/CD pipeline
- Bug bounty program (coming soon)
Responsible Disclosure
If you discover a security vulnerability, please report it responsibly to security@decisio.ai. We appreciate your help in keeping Decisio secure.
Questions?
For security-related inquiries, please contact our security team at security@decisio.ai.