Security
Trust & security evidence
Controls, access management, and operational security for financial and digital asset operations. No hype; evidence-based approach.
1. Access control & identity
Role-based access control (RBAC) across production systems. Identity verification and KYC alignment for regulated flows. Privileged access limited, logged, and periodically reviewed. Multi-factor authentication where applicable. No shared production credentials.
2. Data protection & encryption
Encryption in transit (TLS) and at rest for sensitive data. Segregation of personally identifiable information (PII) and financial data. Audit logs retained for regulatory and internal review. Data handling aligned with applicable privacy and financial regulations.
3. Operational security & resilience
Incident detection, response, and escalation procedures. Redundant paths and failover where critical. Regular operational reviews and runbook updates. Where we interface with digital assets or on-chain infrastructure, key management and custody controls are strictly separated and documented.