Security & Data Protection

How we isolate, encrypt, and audit your financial records.

Database Tenant Isolation

Every workspace query is scoped with hard cryptokeys. The database architecture separates customer records logically, preventing data bleed across organizations.

Authentication & Sessions

Sessions are guarded by TLS 1.3 encryption. Failed login attempts lock account access instantly and issue alerts to administrators.

Role-Based Access Control (RBAC)

Limit permissions with Admin, User, and Viewer roles. Audits log every transaction alteration, workspace invite, and data export.

Encryption standards

Files and backups are encrypted using industry-standard AES-256 keys. All network data transfers are forced through HTTPS connections.

Security Best Practices

Enforce strong passphrases

Enforce multi-character, unique passphrases across all team invitations.

Review active sessions regularly

Navigate to Settings > Sessions to audit logged-in browser scopes.

Limit Admin access privileges

Reserve the Admin role strictly for owners. Assign external accountants the read-only Viewer role.

Compliance Roadmap

Money OS is built from the ground up to align with institutional frameworks:

**SOC 2 Type II Alignment**: Policies and automated logs conform to security trust guidelines.
**ISO 27001 Roadmap**: Implementing controls in preparation for audit validation.
**GDPR & CCPA**: User records are fully erasable upon validated requests.

Security FAQ & Reporting

How do I report a security vulnerability?

If you detect a vulnerability, please email us directly at moneyos@webasthetic.in. We review and deploy hotfixes within 24 hours.

Does Money OS store raw bank login credentials?

No. Money OS does not hold bank credentials. Financial updates are created by manual entries, webhook updates, or secure CSV statement imports.