Security & Compliance
Audit Checklist.
A transparent breakdown of our security controls and compliance posture. We maintain high standards so your firm stays audit-ready.
Infrastructure & Data Protection
Enable encryption at rest
Backblaze B2 AES-256
Enable encryption in transit
TLS 1.3 via Cloudflare
Object Lock enabled on bucket
Compliance mode, 10-year retention
Firewall / network access restricted
Cloudflare Zero Trust + Gateway
Retention & Immutability (WORM)
10-year Compliance lock on Final
Enforced via /Final/ bucket prefix
Versioning for Source documents
B2 versioning + JuiceFS snapshots
Trash enabled (safety net)
30-day metadata retention
Access Control & Multi-Tenancy
Per-taxpayer directory isolation
Enforced via JuiceFS quotas
Accounting firm IAM isolation
Dynamic prefix-based policies
No shared admin keys
Unique keys per user/CPA firm
Operations & Disaster Recovery
Metadata Backups
Daily automated backups of Valkey metadata with point-in-time recovery. Verified weekly.
Incident Response
Documented 1-page response plan with 24h guaranteed engineer oversight for critical events.
Need the full SOC 2 Whitepaper?
We provide comprehensive security reports for our enterprise partners and professional firms upon request.