Sintesi della postura di sicurezza

Questa sintesi descrive l'ambiente di controllo della piattaforma per clienti enterprise ed è fornita per security review e valutazioni procurement.

Governance and responsibility

Client retains full ownership of tenant data.

The platform provides reporting, classification, and workflow infrastructure; it does not perform custody or statutory accounting functions.

Structural changes are versioned and historical states are preserved.

Logical security

OIDC and SAML 2.0 are supported through enterprise identity providers.

Tenant-scoped, role-based, and object-level controls are enforced within the platform.

Services and operators have access limited to required scope only.

Data protection

TLS protects external and internal communications.

Tenant data is encrypted using industry-standard mechanisms.

Tenant-selected hosting region is enforced at infrastructure level.

Availability and resilience

The application layer is designed for horizontal scaling and replacement.

Failures in non-critical services do not compromise core data access.

Authorisation state remains consistent during identity-provider outages.

Auditability and integrity

Reporting and classification changes are historically traceable.

The platform does not auto-adjust, rebalance, or normalise data without explicit action.

Outputs are reproducible from stored inputs.

Third-party dependencies

Enterprise-grade provider for SSO and federation.

Cloud-based infrastructure with region-specific deployment.

External services are limited to necessary operational functions.

Tecnologia

Comprendi come architettura dati e infrastruttura supportano operazioni critiche con sicurezza e scala.