Security

Security is a feature, not a footnote.

How we protect tenant data, how we earn trust, and how to report a vulnerability.

Posture at a glance

Defense at every layer.

From the first byte off the wire to the last write into the audit chain, every layer of ArchiTide is opinionated about safety.

Encryption everywhere

TLS 1.2+ in transit. AES-256 at rest for the database, object storage, and backups. Per-tenant key wrapping.

Multi-tenant isolation

Postgres row-level security on every table. The application can not even ask for another tenant's data — the database refuses to return it.

Auth that is hard to fool

JWT (access + refresh), bcrypt password hashing, brute-force lockout after 5 failed logins, optional 2FA / TOTP, OIDC SSO.

Granular RBAC

30+ permission codenames, four built-in roles, and a custom role editor — every API call is checked against the caller's permissions, no exceptions.

Tamper-evident audit

Every write produces an audit record. Records are linked by SHA-256 — any modification breaks the chain and shows up immediately.

Defensive defaults

HSTS, X-Frame-Options DENY, strict CSP, X-Content-Type-Options, Referrer-Policy and Permissions-Policy — set on every response.

Operational security

How we run the platform.

  • Separate accounts and networks for staging and production. No shared credentials.
  • Just-in-time, audited admin access via short-lived SSH certificates and an internal bastion.
  • Daily encrypted backups with monthly restore drills.
  • Centralised logging into a SIEM with 13-month retention.
  • CI gates: typecheck, lint, unit + integration tests, dependency scan, container scan.
Compliance

Built for the strictest customer.

  • GDPR-ready data export and erasure flows out of the box.
  • Per-tenant data residency option (US-East, US-West, EU-Central).
  • Vendor management questionnaires available under NDA.
  • Penetration test executive summary refreshed annually.
  • Subprocessor list maintained on this page below.
Subprocessors

Who touches your data.

A short, deliberate list — we expand it only when there is a clear customer benefit.

AWS
Amazon Web Services

Compute, managed Postgres, object storage, KMS — US & EU regions

CF
Cloudflare

TLS termination, WAF, DDoS mitigation

SG
SendGrid

Transactional email delivery for alerts and digests

DD
Datadog

Application metrics, traces, infrastructure monitoring

GH
GitHub

Source control + CI for our own platform code

PD
PagerDuty

On-call paging and incident response coordination

Disclosure

Found a vulnerability? Tell us first.

We respond within one business day to every report, run a coordinated-disclosure timeline, and credit researchers (with permission) in our changelog.

security@archipelagointeractive.com Request the SOC 2 readiness pack
< 1d
First response to security reports
90d
Coordinated disclosure window
100%
Of writes appear in the audit chain
26
DB indexes auto-applied at startup