Report
Data Security & Compliance Brief
How VissoraX meets SOC 2, GDPR, and enterprise security standards.
Security isn't a feature at VissoraX — it's the foundation. This brief provides a detailed overview of our security architecture, compliance certifications, and the practices that protect your financial data.
All data is encrypted at rest using AES-256 encryption and in transit via TLS 1.3. Database access is controlled through row-level security policies, ensuring every query is automatically scoped to the authenticated user's permissions.
VissoraX maintains SOC 2 Type II compliance, demonstrating ongoing adherence to trust service criteria for security, availability, and confidentiality. We undergo annual third-party penetration testing and continuous vulnerability scanning.
For GDPR compliance, we provide data portability tools, right-to-deletion workflows, and transparent data processing agreements. Data residency options allow customers to choose their deployment region.
Our audit trail captures every significant action — data access, permission changes, integration connections, and configuration updates. This provides full transparency for internal governance and external compliance requirements.
Authentication supports SSO (SAML 2.0, OAuth 2.0), multi-factor authentication, and IP allowlisting for enterprise deployments. Session management includes automatic timeout and concurrent session controls.