TrueStele Security Posture

Security is fundamental infrastructure, not a checklist.

TrueStele treats data isolation, evidence boundaries, and custodian chains as core architectural specifications. A cross-tenant data leak is not a support ticket; it is an existential event.

Stateless Security Boundaries Screenshot

Logical data flow chart mapping tenant isolation protocols, secure S3 folders, and temporary token paths.

Product Interface Spec
Security Architecture

Enforcing firm boundaries around sensitive client evidence.

Unlike general-purpose task systems that aggregate customer files into central folders, TrueStele isolates every audit portfolio into dedicated database environments.

Tenant Separation

Complete client isolation.

Every compliance workspace is completely isolated. Client documents, assessment logs, and remediation tasks stay permanently partitioned at the database layer, preventing any data leaks.

Short-Lived Access

Files are retrieved in session and never stored on TrueStele servers as local copies.

Relying on email attachments or unencrypted Drive links creates persistent security risks. TrueStele retrieves files using short-lived OAuth sessions and stores only metadata.

In-Place Storage

Keep files inside your own Google Drive or OneDrive.

Keep files inside your own Google Drive or Microsoft OneDrive cloud. TrueStele acts as a stateless compliance analysis layer, never copying documents to our servers.

Verification Specs

Compliance & Data Protection Controls

Inspect our system security controls, physical backup frequencies, and authorization protocols.

Control AreaSpecification DetailDefensibility Status
Data EncryptionAES-256 at rest, TLS 1.3 in transit with perfect forward secrecyACTIVE
Custodian IsolationTenant-scoped AWS IAM policies, isolated database paths per firmACTIVE
Access LogsPermanent audit logs tracking workspace logins, evidence access, and report generationACTIVE
Backup RPO / RTOHourly point-in-time database snapshots replicated across 3 availability zonesACTIVE
Vulnerability AuditsQuarterly external black-box penetration tests, continuous automated vulnerability scansACTIVE
Security Walkthrough

Ask us how client data is isolated.

Schedule a walkthrough with our security engineering team to inspect our tenant isolation barriers, Privacy Vault integrations, and data residency configurations.