Security

Enterprise-grade security for your deals.

Your deal documents contain sensitive financial and legal information. ClosingIQ is built from the ground up to protect it.

πŸ”’

Data Encryption

All data encrypted at rest (AES-256) and in transit (TLS 1.3). Documents stored with signed URLs that expire after 5 minutes.

🏒

Workspace Isolation

Multi-tenant architecture with workspace-level isolation. Your documents are never accessible to other users or workspaces.

πŸ‘€

Access Control

Role-based access control (RBAC) with four permission levels: Owner, Admin, Analyst, and Viewer. API keys are SHA-256 hashed.

πŸ€–

AI Safety

All AI prompts include injection protection. Document content is treated as untrusted input. AI never makes security or access control decisions.

πŸ“‹

Compliance

Built on enterprise cloud infrastructure with SOC 2 Type II compliant services. GDPR-ready with data deletion capabilities.

πŸ“

Audit Logging

Complete audit trail for all authentication events, document operations, and administrative actions. Tamper-resistant logs.

πŸ“€

Secure Uploads

Direct-to-storage uploads via signed URLs. Files are never proxied through application servers. Magic byte validation prevents disguised file types.

πŸ”‘

API Security

API keys use the ciq_live_ prefix pattern. Keys are SHA-256 hashed β€” only shown once at creation. Scoped permissions and rate limiting per key.

Have security questions?

We understand enterprise procurement. Contact our security team for our SOC 2 report, data processing agreement, or to discuss your specific compliance requirements.

Contact Security Team