Security Infrastructure
Every layer of the LIAM platform is designed with defense-in-depth principles.
Encryption
AES-256 encryption at rest for all data. TLS 1.2+ for all data in transit. Tenant-specific encryption key management.
Access Control
Role-based access control (RBAC) with granular permissions. SSO/SAML 2.0 and OIDC integration. Multi-factor authentication support.
Audit Logging
Comprehensive logging of all data access and modifications. Tamper-evident log storage. Minimum 7-year retention for compliance.
Data Isolation
Multi-tenant architecture with cryptographic tenant isolation. Organization-scoped database queries. Cross-Tenant Isolation Proof system.
Threat Detection
AI-powered automated threat detection and response. 24-hour breach notification. Real-time security monitoring and alerting.
Compliance
CMMC 2.0 Level 1-3 assessment framework. HIPAA-ready with BAA support. GDPR, POPIA, and Ghana DPA compliant.
Compliance & Certifications
We maintain compliance with major regulatory frameworks across healthcare, defense, and data protection.
CMMC 2.0
Framework ImplementedLevel 1-3 assessment and evidence management
HIPAA
BAA AvailableBusiness Associate Agreement for healthcare deployments
GDPR
DPA AvailableArticle 28 compliant Data Processing Agreement
POPIA
CompliantSouth African data protection compliance
SOC 2 Type II
In ProgressAudit scheduled for Q3 2026
FedRAMP
Planned16 control families documented, authorization in progress
Legal Documents
Transparent policies and agreements that protect both you and your customers.
Responsible Disclosure
We take security vulnerabilities seriously. If you discover a potential security issue, please report it responsibly. We commit to acknowledging reports within 24 hours and providing an initial assessment within 72 hours.
Email: [email protected]
PGP Key: Available upon request
Scope: All *.evanstontec.com and *.liamplatform.com domains and APIs