Security & Compliance
Security architecture, compliance certifications, and data protection.
Mistvine is built with security as a foundational principle. This document provides an overview of our security architecture and compliance posture for customers evaluating the platform.
Security Architecture
Defense-in-Depth
Mistvine implements a layered security architecture where authorization is enforced at the database layer, not the application layer. This design ensures that application-level vulnerabilities cannot escalate to unauthorized data access.
| Layer | Function |
|---|---|
| Application | Authentication, request validation |
| Database | Authorization enforcement |
| Audit | Tamper-evident logging |
Database-Level Authorization
All database tables enforce authorization policies at the database layer. Authorization logic lives in the database, not application code.
Key metrics:
- 100% of tables have row-level security (RLS) enabled
- All CRUD operations are policy-protected
- No privileged credentials in application code
Authentication
- JWT-based authentication with server-side validation
- Tokens validated with auth server on every request
- HTTP-only, secure cookies with SameSite protection
- Support for multi-factor authentication
Multi-Tenant Isolation
Each organization operates in complete isolation from others through multiple independent mechanisms:
- URL isolation - Subdomain-based routing
- Session isolation - Organization-scoped authentication
- Data isolation - Database-level tenant separation
Users belonging to multiple organizations maintain separate, independent sessions for each.
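One way to realise the database-layer authorization described above together with the data-isolation mechanism, written as an added PostgreSQL example rather than Mistvine's own schema. It assumes the application validates the JWT and then publishes the verified organization and user ids to the session as the settings `app.org_id` and `app.user_id` (assumed names), and it ends with the catalog query a reviewer would run to check the "100% of tables" claim.

```sql
-- Assumed (not Mistvine's) tenant-scoped table.
CREATE TABLE documents (
    id       bigserial PRIMARY KEY,
    org_id   uuid NOT NULL,
    owner_id uuid NOT NULL,
    title    text NOT NULL,
    body     text
);

-- The application validates the JWT, then publishes the verified claims with
-- SET LOCAL app.org_id / app.user_id (assumed setting names) for the request.
-- A missing or malformed claim yields NULL, and NULL never satisfies a policy,
-- so an unauthenticated session sees no rows rather than all rows.
CREATE FUNCTION current_org_id() RETURNS uuid LANGUAGE sql STABLE AS $$
    SELECT nullif(current_setting('app.org_id', true), '')::uuid
$$;
CREATE FUNCTION current_user_id() RETURNS uuid LANGUAGE sql STABLE AS $$
    SELECT nullif(current_setting('app.user_id', true), '')::uuid
$$;

ALTER TABLE documents ENABLE ROW LEVEL SECURITY;
ALTER TABLE documents FORCE ROW LEVEL SECURITY;   -- binds the table owner too

-- One policy per CRUD verb, so every operation is policy-protected.
CREATE POLICY documents_select ON documents FOR SELECT
    USING (org_id = current_org_id());
CREATE POLICY documents_insert ON documents FOR INSERT
    WITH CHECK (org_id = current_org_id() AND owner_id = current_user_id());
CREATE POLICY documents_update ON documents FOR UPDATE
    USING (org_id = current_org_id())
    WITH CHECK (org_id = current_org_id());   -- a row cannot be moved to another tenant
CREATE POLICY documents_delete ON documents FOR DELETE
    USING (org_id = current_org_id() AND owner_id = current_user_id());

-- The application connects as a role that can neither bypass RLS nor own tables,
-- so no privileged credential is needed in application code.
CREATE ROLE app_user NOLOGIN NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON documents TO app_user;
GRANT USAGE ON SEQUENCE documents_id_seq TO app_user;

-- Coverage check for the "100% of tables have RLS enabled" claim:
-- any table this query lists is unprotected.
SELECT n.nspname, c.relname
FROM pg_class c JOIN pg_namespace n ON n.oid = c.relnamespace
WHERE c.relkind = 'r' AND n.nspname = 'public'
  AND NOT (c.relrowsecurity AND c.relforcerowsecurity);
```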
Audit Logging
Immutable Audit Trail
All significant operations are logged to a tamper-evident audit trail:
- Authentication events
- Authorization changes
- Data modifications
- Administrative actions
- Security events
Audit records cannot be modified or deleted after creation. Database policies enforce immutability.
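An append-only audit table in PostgreSQL, added here as an illustration of policy-enforced immutability and not Mistvine's actual schema; the columns follow the "What We Log" list below, and the role names `app_user` and `audit_reader` are assumed.

```sql
-- Assumed (not Mistvine's) audit table.
CREATE TABLE audit_log (
    id          bigserial PRIMARY KEY,
    actor_id    uuid,                                   -- NULL = anonymous actor
    action      text NOT NULL,
    resource    text NOT NULL,
    occurred_at timestamptz NOT NULL DEFAULT now(),     -- server-generated
    context     jsonb NOT NULL DEFAULT '{}'::jsonb      -- request context
);

-- Assumed roles: writers append, a separate reader role reviews.
CREATE ROLE app_user NOLOGIN NOBYPASSRLS;
CREATE ROLE audit_reader NOLOGIN NOBYPASSRLS;

ALTER TABLE audit_log ENABLE ROW LEVEL SECURITY;
ALTER TABLE audit_log FORCE ROW LEVEL SECURITY;

-- Only INSERT and SELECT policies exist. With RLS on and no UPDATE/DELETE
-- policy, those statements match zero rows for any RLS-bound role.
-- The WITH CHECK also rejects a client-supplied timestamp that differs from
-- the transaction's own clock, keeping occurred_at server-generated.
CREATE POLICY audit_append ON audit_log FOR INSERT
    WITH CHECK (occurred_at = now());
CREATE POLICY audit_read ON audit_log FOR SELECT TO audit_reader USING (true);

-- Privileges match the policies; writers cannot read back what they wrote.
GRANT INSERT ON audit_log TO app_user;
GRANT USAGE ON SEQUENCE audit_log_id_seq TO app_user;
GRANT SELECT ON audit_log TO audit_reader;

-- Policies do not bind superusers or BYPASSRLS roles; a statement trigger does,
-- and it also covers TRUNCATE, which RLS does not govern.
CREATE FUNCTION audit_log_immutable() RETURNS trigger LANGUAGE plpgsql AS $$
BEGIN
    RAISE EXCEPTION 'audit_log is append-only: % rejected', TG_OP
        USING ERRCODE = 'insufficient_privilege';
END $$;

CREATE TRIGGER audit_log_no_rewrite
    BEFORE UPDATE OR DELETE OR TRUNCATE ON audit_log
    FOR EACH STATEMENT EXECUTE FUNCTION audit_log_immutable();

-- Verification from any session: the statement trigger fires before row
-- selection, so both of these fail with insufficient_privilege.
-- UPDATE audit_log SET action = 'edited';
-- DELETE FROM audit_log;
```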
What We Log
- Actor identity (or anonymous for sensitive operations)
- Action performed
- Resource affected
- Timestamp (server-generated)
- Request context
Legal Hold System
Mistvine supports data preservation for litigation and regulatory compliance:
- Hold creation and management by organization admins
- Automatic blocking of affected data deletion
- Immutable violation logging
- GDPR Article 17(3)(e) compliant
The system uses fail-closed logic: if hold status cannot be determined, operations that could destroy data are blocked.
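The fail-closed rule expressed as a PostgreSQL trigger, added as an example and not Mistvine's code; the `legal_holds` and `documents` tables are assumed stand-ins for the real schema.

```sql
-- Minimal stand-in for a protected table (assumed, not Mistvine's schema).
CREATE TABLE documents (id bigserial PRIMARY KEY, org_id uuid NOT NULL, body text);

CREATE TABLE legal_holds (
    id            bigserial PRIMARY KEY,
    org_id        uuid NOT NULL,
    resource_type text NOT NULL,        -- table name, e.g. 'documents'
    resource_id   bigint,               -- NULL = every row of that type in the org
    released_at   timestamptz           -- NULL = hold still active
);

-- SECURITY DEFINER so the check reads legal_holds with the owner's rights:
-- a restrictive policy on legal_holds must not be able to hide an active hold.
CREATE FUNCTION block_destruction_under_hold() RETURNS trigger
LANGUAGE plpgsql SECURITY DEFINER SET search_path = public AS $$
DECLARE
    held boolean;
BEGIN
    BEGIN
        SELECT EXISTS (
            SELECT 1 FROM legal_holds h
            WHERE h.org_id = OLD.org_id
              AND h.resource_type = TG_TABLE_NAME
              AND (h.resource_id IS NULL OR h.resource_id = OLD.id)
              AND h.released_at IS NULL
        ) INTO held;
    EXCEPTION WHEN OTHERS THEN
        -- Fail closed: a hold status that cannot be determined counts as held.
        RAISE LOG 'legal hold check failed for %.%: %', TG_TABLE_NAME, OLD.id, SQLERRM;
        RAISE EXCEPTION 'operation blocked: legal hold status unavailable'
            USING ERRCODE = 'insufficient_privilege';
    END;
    IF held THEN
        -- RAISE EXCEPTION rolls the transaction back, so a violation record in an
        -- audit table must be written from outside it (separate connection or the
        -- application); RAISE LOG reaches the server log regardless of rollback.
        RAISE LOG 'legal hold violation attempt: % on %.%', TG_OP, TG_TABLE_NAME, OLD.id;
        RAISE EXCEPTION 'operation blocked: % row is under legal hold', TG_TABLE_NAME
            USING ERRCODE = 'insufficient_privilege';
    END IF;
    IF TG_OP = 'DELETE' THEN RETURN OLD; END IF;   -- allow the delete
    RETURN NEW;                                    -- allow the update
END $$;

-- DELETE and UPDATE are both destructive (an UPDATE can overwrite content).
CREATE TRIGGER documents_legal_hold
    BEFORE DELETE OR UPDATE ON documents
    FOR EACH ROW EXECUTE FUNCTION block_destruction_under_hold();
```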
Data Privacy
GDPR Compliance
| Right | Supported |
|---|---|
| Rectification (Art. 16) | Yes |
| Erasure (Art. 17) | Yes* |
| Object (Art. 21) | Yes |
*Subject to Article 17(3) exceptions (legal holds, legal claims)
Privacy by Design
- Data minimization in queries
- Purpose limitation
- Consent management with full audit trail
- PII sanitization in logs
Account Deletion
Users can request account deletion through Settings. The process includes:
- Identity verification
- Prerequisite resolution (ownership transfer, legal hold check)
- Data anonymization
- Session termination
Application Security
Security Headers
- Content Security Policy (CSP)
- HTTP Strict Transport Security (HSTS)
- Clickjacking protection
- MIME sniffing prevention
Input Validation
All user input is validated using schema validation before processing. Database queries are parameterized to prevent injection attacks.
SOC 2 Alignment
Mistvine's controls are designed to align with SOC 2 Trust Services Criteria. Formal audit certification is planned for a future date.
| Category | Coverage |
|---|---|
| CC6: Access Controls | Provisioning, authentication, authorization, removal |
| CC7: System Operations | Monitoring, anomaly detection, incident response |
| C1: Confidentiality | Data protection, secure disposal |
| Privacy (P1-P8) | Notice, consent, collection, use, access, disclosure |
Controls aligned with SOC 2 TSC definitions, pending formal audit verification.
ISO 27001 Alignment
Mistvine's security controls align with ISO/IEC 27001:2022 Annex A requirements. We are ISO 27001 ready and preparing for formal certification.
| Annex A Control | Coverage |
|---|---|
| A.5: Information Security Policies | Documented security policies, regular review cycles |
| A.6: Organization of Security | Defined roles and responsibilities, segregation of duties |
| A.7: Human Resource Security | Security awareness, onboarding/offboarding procedures |
| A.8: Asset Management | Data classification, acceptable use policies |
| A.9: Access Control | Role-based access, least privilege, passwordless authentication (OTP / magic link / SAML SSO) |
| A.10: Cryptography | AES-256 at rest, TLS 1.2+ in transit (TLS 1.3 preferred), key management |
| A.12: Operations Security | Change management, capacity planning, malware protection |
| A.14: System Development | Secure development lifecycle, security testing |
| A.16: Incident Management | Incident response procedures, breach notification |
| A.18: Compliance | GDPR compliance, audit logging, legal hold support |
Controls aligned with ISO 27001:2022 Annex A, pending formal audit certification.
Infrastructure Security
Mistvine is hosted on infrastructure providers that maintain SOC 2 Type II certification:
| Control | Status |
|---|---|
| Infrastructure vendors | SOC 2 Type II certified |
| Encryption at rest | AES-256 |
| Encryption in transit | TLS 1.2+ (TLS 1.3 preferred) |
| DDoS protection | Enabled |
| Backup | Point-in-time recovery |
| Edge network | Global CDN |
Security Contact
For security inquiries or to report vulnerabilities, email support@mistvine.com.