Complete client isolation.
Every compliance workspace is completely isolated. Client documents, assessment logs, and remediation tasks stay permanently partitioned at the database layer, preventing any data leaks.
TrueStele treats data isolation, evidence boundaries, and custodian chains as core architectural specifications. A cross-tenant data leak is not a support ticket; it is an existential event.
Logical data flow chart mapping tenant isolation protocols, secure S3 folders, and temporary token paths.
Product Interface SpecUnlike general-purpose task systems that aggregate customer files into central folders, TrueStele isolates every audit portfolio into dedicated database environments.
Every compliance workspace is completely isolated. Client documents, assessment logs, and remediation tasks stay permanently partitioned at the database layer, preventing any data leaks.
Relying on email attachments or unencrypted Drive links creates persistent security risks. TrueStele retrieves files using short-lived OAuth sessions and stores only metadata.
Keep files inside your own Google Drive or Microsoft OneDrive cloud. TrueStele acts as a stateless compliance analysis layer, never copying documents to our servers.
Inspect our system security controls, physical backup frequencies, and authorization protocols.
| Control Area | Specification Detail | Defensibility Status |
|---|---|---|
| Data Encryption | AES-256 at rest, TLS 1.3 in transit with perfect forward secrecy | ACTIVE |
| Custodian Isolation | Tenant-scoped AWS IAM policies, isolated database paths per firm | ACTIVE |
| Access Logs | Permanent audit logs tracking workspace logins, evidence access, and report generation | ACTIVE |
| Backup RPO / RTO | Hourly point-in-time database snapshots replicated across 3 availability zones | ACTIVE |
| Vulnerability Audits | Quarterly external black-box penetration tests, continuous automated vulnerability scans | ACTIVE |
Schedule a walkthrough with our security engineering team to inspect our tenant isolation barriers, Privacy Vault integrations, and data residency configurations.