Security Measures that Lead by Example

At FileScience, we go beyond simply storing your files—we safeguard your most valuable assets with industry-leading security measures. Here's how we ensure your data remains secure, compliant, and fully under your control:

ISO 27001

Compliant with the new ISO 27001 and SOC 2 standards, setting a global benchmark for secure environments.

End-to-end encryption: AES-256 encryption at rest and TLS 1.3+ for data in transit.

We employ cutting-edge techniques to detect and eliminate security vulnerabilities, bugs, and breaches.

Product Security

Comprehensive Audit Logging Mechanisms

Cyber Guardian Consulting Group implements extensive audit logging to ensure meticulous tracking of system interactions. Clients may export detailed activity logs across critical security domains, including:

  • User authentication and session activities
  • System event records
  • Encryption status of storage devices (BitLocker and FileVault)
  • Unique hardware serial identifiers
  • Active process monitoring

Advanced Identity and Access Management

Multi-Factor Authentication (MFA) Enforcement

We mandate MFA for both corporate and client-facing environments, leveraging industry-standard authentication mechanisms through Okta and equivalent enterprise-grade identity providers.

Granular Role-Based Access Control (RBAC)

Our endpoint security architecture is predicated on a structured RBAC model, permitting fine-grained access assignment aligned with user roles, responsibilities, and organizational hierarchies.

Enterprise API and System Integrations

Cyber Guardian integrates with industry-standard platforms, ensuring interoperability and enhanced security postures:

  • Identity and Access Management (IAM): Okta, Azure AD
  • Business Process Automation: Accelo, ConnectWise
  • Additional integrations available upon request

Information Security

Data Protection Leadership

Cyber Guardian employs a dedicated Data Protection Officer (DPO) overseeing regulatory compliance and data governance. Inquiries may be directed to our Privacy Team.

Comprehensive Encryption Protocols

  • Data at Rest: All stored information undergoes AES-256 encryption, ensuring maximum cryptographic integrity.
  • Data in Transit: The TLS 1.3 protocol is enforced to protect sensitive information exchange.
  • Password Security: We adhere to NIST cryptographic guidelines, implementing stringent hashing algorithms, key derivations, and secured storage methodologies.

Access Control Audits and Monitoring Frameworks

Cyber Guardian adheres to a principle of least privilege (PoLP), conducting periodic access control reviews to mitigate unauthorized system interactions. Policies undergo annual reassessments for optimal effectiveness.

Data Integrity and Backup Strategies

We maintain a rigorous data redundancy plan with real-time monitoring and encrypted storage solutions:

  • Backup Frequency: Nightly full backups
  • Disaster Recovery Protocols: Automated fault detection and incident remediation

Key Management and Cryptographic Governance

Unique encryption keys are programmatically generated and stored via Amazon KMS, subject to stringent lifecycle management, audit logging, and third-party attestation.

Network Security

We maintain a centralized inventory encompassing physical, virtual, and software-based assets, ensuring security and compliance adherence.

Data Residency and Classification Policies

Client data is regionally stored within AWS environments, strictly adhering to sovereignty laws and regulatory mandates. A formalized data classification schema governs confidentiality levels, retention policies, and access control mechanisms.

Our remote security framework employs:

  • Secure Data Transmission: OpenSSL 3 with SHA256/SHA512 integrity verification
  • Strong Encryption Standards: AES-256-GCM and GMAC encryption
  • Advanced Key Exchange Mechanisms: x25519 elliptic-curve cryptography
  • Password Key Derivation: PBKDF2 implementation for strengthened credential security
  • End-to-End Encrypted Communications: Peer-to-peer encryption ensuring backend operational isolation

Cloud and Network Security Architecture

Our production infrastructure is hosted within AWS, inheriting stringent physical security protocols including restricted facility access, network segmentation, and multi-tiered firewall enforcement.

Organizational Security

Pre-Employment Screening and Verification

All personnel undergo rigorous background verification prior to onboarding, with mandatory compliance to:

  • Ethical Code of Conduct
  • Acceptable Use Policies (AUP)
  • Comprehensive Security Handbook acknowledgment

Mandatory Cybersecurity Awareness Training

Cybersecurity training is embedded within our onboarding and annual compliance frameworks, featuring rigorous assessment criteria to ensure comprehension and adherence.

Asset Management and Change Control Policies

We deploy enterprise-grade asset visibility tools and maintain structured change management protocols, systematically evaluating IT infrastructure modifications to ensure continued security resilience.

Privacy

Data Processing Agreement (DPA) Enforcement

We implement a formalized DPA governing the processing, storage, and security of personal and enterprise data.

Incident Response and Breach Management

  • Incident Response Framework (IRF): A structured protocol governing security incident detection, mitigation, and forensic analysis.
  • Data Breach Notification Compliance: Adherence to jurisdiction-specific breach notification mandates.
  • LGPD
  • PIPEDA

Business Continuity and Disaster Resilience Strategies

  • Business Continuity Planning (BCP): Enterprise-wide contingency protocols subjected to annual resilience testing.
  • Disaster Recovery (DR) Methodologies: Recovery operations enforced through dedicated teams and predefined escalation workflows.
  • Recovery Time Objective (RTO): 6-12 hours based on service-level criticality.
  • Recovery Point Objective (RPO): Latest available backup replication (Daily).

Infrastructure Security

SOC 2 Type II and SOC 3 Compliance Frameworks

Our AWS cloud environments undergo annual audits against security, availability, confidentiality, and privacy benchmarks, with SOC 3 public reporting available upon request.

Physical Security and Data Center Access Restrictions

AWS data centers employ geographically redundant architectures, fortified with multi-tiered security controls to mitigate unauthorized physical access risks.

Threat Management

Proactive Vulnerability Management and Continuous Monitoring

We implement an advanced threat detection system, featuring:

  • Real-time vulnerability assessments
  • Annual third-party penetration testing engagements
  • Dynamic security posture evaluations

Ethical Hacking and Bug Bounty Initiatives

A structured vulnerability disclosure program facilitates responsible reporting and remediation of security weaknesses.

Strategic Risk Management Frameworks

A systematic risk assessment methodology is employed to identify, analyze, and mitigate cybersecurity threats, ensuring enterprise-wide resilience against evolving threat vectors.

Enterprise-Scale Endpoint Security Measures

Cyber Guardian leverages state-of-the-art endpoint protection technologies, ensuring layered defense-in-depth mechanisms against sophisticated cyber threats.

Stringent Subprocessor Evaluations

We enforce rigorous security screening procedures for third-party service providers, ensuring compliance with contractual obligations and data protection standards.

Third-Party Risk Management (TPRM) Implementation

An advanced TPRM framework is employed to continually evaluate external vendor security controls, mitigating potential operational risks.