Platform Security

Decision Pipelines™ is built with security at every layer. Detailed documentation is available in the document library.

Infrastructure

Hosted on Digital Ocean (NYC region, US). Digital Ocean maintains SOC II Type II and ISO 27001 certifications. All client data resides in the United States.

Encryption

All data encrypted in transit (TLS 1.2+) and at rest (AES-256). HSTS enforced. Application-layer encryption for sensitive fields.

Tenant Isolation

Shared-database, row-level tenant isolation with mandatory ORM-level query scoping. Validated by automated tests on every deployment.

Application Security

Peer-reviewed code, CI/CD security scanning, OWASP Top 10 protections, immutable deployments.

Access Control

Least privilege with MFA on all production access. Quarterly access reviews. No routine personnel access to client data.

Register for detailed documentation