Data At Rest & Storage Security
Your data is protected at every level of our infrastructure with enterprise-grade encryption, key management, and secure storage practices.
How We Protect Stored Data
Beyond encrypting data in transit, we ensure that all data stored on our systems remains protected from unauthorized access through comprehensive encryption and access controls.
Envelope Encryption (AES-256-GCM)
Sensitive fields are encrypted at rest using envelope encryption with AES-256-GCM and key lineage controls.
Data Sovereignty
All data is stored exclusively in Australia with compliance to recognised standards (e.g., ISO 27001, SOC 2). We select cloud/data-centre providers who themselves maintain rigorous security, resilience and auditing practices.
Tenant Isolation
Tenant data is encrypted with profile-scoped key material to strengthen data isolation between organisations. Production environments are logically separated with strict access controls and monitoring to prevent cross-tenant data access.
Infrastructure Security Standards
- ISO 27001 certified data centres
- SOC 2 Type II compliant hosting
- Physical security with 24/7 monitoring
- Redundant power and cooling systems
- Regular security audits and assessments