Security & Compliance
We design with least‑privilege, encrypted data flows, and auditable controls. For disclosure or urgent issues, email security@dimarak.com.
Highlights: SSO / OIDC, RBAC, audit logs, encryption, data residency.
Controls overview
Access Management
- SSO / OIDC (Google, GitHub) with optional MFA (via IdP)
- Role‑based access control (RBAC) with least privilege
- Granular project- and environment-level permissions
Data Protection
- Encryption in transit (TLS 1.2+)
- Encryption at rest (cloud‑managed keys)
- Backups with periodic restore tests
Logging & Audit
- Structured logs for critical actions
- Immutable audit trails, with read and export access for customers
- Alerting on auth & privilege anomalies
Application Security
- Secure SDLC (code review, dependency scanning)
- OWASP‑informed testing & threat modeling for new features
- Secrets management via cloud vaults
Infrastructure
- VPC isolation and security groups
- Hardened CI/CD with least‑privilege deploy roles
- Regional deployments & data residency on request
Business Continuity
- RTO/RPO targets defined per engagement
- Incident playbooks & on‑call escalation paths
- Uptime targets with SLAs (see Pricing)
Data handling & retention
Standard practices
- Encryption in transit (TLS 1.2+) and at rest
- Region selection & data residency on request
- DPAs for applicable customers
- Data deletion upon contract termination or per request
Retention
Defaults are set per‑engagement. Logs and backups follow configurable retention policies. We can align with your policy during discovery.
Incident response
Detect
Monitoring & alerting across app and infra layers.
Triage
Assess severity, assign an incident commander, and page the on‑call responder.
Contain & Remediate
Limit blast radius, apply fixes, validate.
Post‑mortem
Timeline, root cause, corrective actions, customer comms.
Policies & documents
Need a security questionnaire or a custom DPA? Contact us.
Request a security review
We'll walk through controls, data flows, and SLAs with your team.