Enterprise Security

Security & Compliance you can trust

Your clients trust you with their most sensitive financial information. We built Astraea to meet and exceed the highest security standards in the industry.

FIPS 140-3: Cryptographic Compliance
IRS Pub 1075: Tax Data Protection
SOC 2 Type II: Security Controls
AWS GovCloud: Infrastructure

FIPS 140-3 Encryption

All data is encrypted using FIPS 140-3 validated cryptographic modules. This includes data at rest (AES-256) and in transit (TLS 1.3).

At Rest: AES-256-GCM
In Transit: TLS 1.3
Key Management: AWS KMS
Validation: FIPS 140-3 Level 1

Authentication & Access

Enterprise-grade identity management powered by AWS Cognito with OIDC support. Role-based access control ensures users only see what they need.

Identity Provider: AWS Cognito
Protocol: OIDC / OAuth 2.0
MFA: TOTP / SMS
SSO: SAML 2.0

Immutable Audit Trails

Every access, view, download, and modification is logged with tamper-proof timestamps. Complete visibility for compliance audits and security investigations.

Document Viewed | 2024-02-15 14:32:18 UTC | @john.preparer | W2_Smith_2024.pdf
Data Extracted | 2024-02-15 14:32:45 UTC | @system | AI extraction completed
XML Exported | 2024-02-15 14:35:02 UTC | @john.preparer | To UltraTax CS

IRS Publication 1075

Astraea is built to comply with IRS Publication 1075 requirements for safeguarding Federal Tax Information (FTI). This includes strict controls on access, storage, and transmission.

Background checks for all personnel with FTI access
Physical and logical access controls
Secure disposal procedures
Incident response and breach notification protocols
Annual security awareness training

Secure Document Delivery

Documents shared with clients are protected by time-limited, token-based access. Every download is tracked and watermarked for accountability.

Access Control: Token-based
Link Expiry: Configurable
Watermarking: Automatic
Download Limits: Enforced

Infrastructure Security

Hosted on AWS with GovCloud eligibility. Multi-region redundancy ensures 99.99% uptime with automatic failover and disaster recovery.

Platform: AWS
Regions: US Multi-AZ
Uptime SLA: 99.99%
Backup: Daily / 30-day

Our Security Practices

Security isn't just a feature—it's the foundation of everything we build. Here's how we protect your data every day.

01. Secure Development

All code undergoes security review and automated vulnerability scanning before deployment. We follow OWASP best practices.

02. Regular Penetration Testing

Third-party security firms conduct annual penetration tests. Critical findings are remediated within 24 hours.

03. Employee Security

All team members complete background checks and ongoing security training. Access is granted on a need-to-know basis.

04. Incident Response

24/7 security monitoring with documented incident response procedures. Customers are notified of any breaches within 72 hours.

05. Data Retention

Configurable retention policies let you control how long data is stored. Data is securely deleted when it is no longer needed.

06. Vendor Management

All third-party vendors undergo security assessment before onboarding. We maintain a continuously updated vendor risk register.

Questions about security?

We're happy to discuss our security practices in detail, provide documentation for your compliance team, or schedule a security review call.

Security Breaches: 0
Uptime SLA: 99.99%
Monitoring: 24/7
Breach Notification: <72hr

Ready to see Astraea in action?

Schedule a demo and see how our security-first approach protects your practice and your clients.