Security
Built for the operators who can’t afford to leak.
Stratumly is designed so a regional water utility, a council, or a critical-infrastructure operator can adopt it without compromising their data control posture. We tag every control with where it stands today, with no over-claiming.
Controls and posture
Encrypted in transit
AvailableTLS 1.3 for every connection between the browser, mobile app, and Stratumly services.
Encrypted at rest
AvailablePostgres data and object storage are encrypted at rest using cloud-provider-managed keys (AES-256).
Authentication & access
AvailableJWT-based auth with rotating refresh tokens, bcrypt-hashed passwords, and per-organisation isolation.
Edit audit trail
AvailableEvery create, update, and delete on a feature layer is recorded with user, timestamp, and diff for traceability.
Organisation-wide audit export
In developmentExport read-and-write logs for the whole tenancy, required by some regulated buyers.
UK & EU data residency
In developmentMulti-region hosting with deterministic data placement, suitable for utilities, councils, and government workloads.
Sovereign deployment
PlannedRun Stratumly inside your own tenancy so spatial data and twin telemetry never leave your environment.
Customer-managed encryption keys
PlannedBring your own KMS for at-rest encryption on enterprise tiers.
ISO 27001
PlannedFormal certification is on the 2027 roadmap. We don't claim what we haven't yet been audited for.
Detailed certifications, sub-processor lists, and security questionnaires will be published here as we complete each milestone. If you’re evaluating Stratumly for a regulated workload, get in touch and we’ll share what we have today.