Security Overview
SpendSight is engineered with a "Security-First" architecture to protect your organization's most sensitive financial intelligence.
Encryption at Rest
All organizational data, including uploaded contracts and line-item details, is encrypted using industry-standard **AES-256** encryption at the storage layer.
Data Isolation
We employ strict logical multi-tenancy. Your organization's data is isolated from all other customers, ensuring no cross-contamination of intelligence.
Infrastructure
SpendSight is hosted on **AWS (Amazon Web Services)** in high-availability regions, utilizing multiple availability zones for 99.9% uptime and disaster recovery.
Secure Authentication
We utilize industry-standard, secure authentication protocols to ensure your data is protected. Our platform supports multi-factor authentication and single sign-on (SSO) for enterprise environments.
SOC-2 Readiness
We are currently in the audit period for SOC-2 Type 1 compliance. All platform controls already follow the AICPA Trust Services Criteria for Security and Confidentiality.
Have questions regarding our security posture?
support@getspendsight.com