Security
Security is at the core of everything we build. Here's how we protect your data.
Security Overview
Gatekeeper is built with security-first principles. Our architecture uses verifiable delay functions (VDFs) and cryptographic proofs to ensure that deletion requests cannot be bypassed, even by administrators with full system access.
Infrastructure Security
All data is hosted on AWS with encryption at rest (AES-256) and in transit (TLS 1.3). Our infrastructure is deployed across multiple availability zones with network isolation, private subnets, and strict security group policies. We use S3 Object Lock for immutable backup storage.
Access Controls
We enforce multi-factor authentication (MFA) for all users. Role-based access control (RBAC) ensures users only have access to the resources they need. All actions are recorded in an immutable, cryptographically signed audit log that cannot be modified or deleted.
Compliance
We are pursuing SOC 2 Type II certification and design our systems to be GDPR-ready. Our audit logging and retention features help customers meet their own compliance requirements for data governance and regulatory reporting.
Vulnerability Disclosure Program
We welcome responsible disclosure of security vulnerabilities. If you discover a security issue, please report it to our security team. We commit to acknowledging reports within 24 hours and providing updates on remediation progress.
Security Contact
For security inquiries or to report vulnerabilities, contact us at security@gatekeeper.tech