At Bhatt Services, security is not an afterthought; it is the foundation of our cognitive infrastructure. We employ a Defense-in-Depth strategy to protect Client Data, ensuring confidentiality, integrity, and availability across all our systems.
Infrastructure Security
✓ Hosted on Tier-1 Cloud Providers (AWS/Vercel)
✓ Automated DDoS Protection (Cloudflare)
✓ Containerized Environments (Docker/K8s)
✓ Daily Encrypted Backups
Data Encryption
✓ Data at Rest: AES-256 Encryption
✓ Data in Transit: TLS 1.3 (Force HTTPS)
✓ Key Management Service (KMS)
✓ Strict Database Isolation per Tenant
Access Control
✓ Principle of Least Privilege (PoLP)
✓ Multi-Factor Authentication (MFA) Required
✓ Role-Based Access Control (RBAC)
✓ Comprehensive Audit Logging
Compliance
✓ GDPR & CCPA Aligned
✓ SOC 2 Type II (Aspirational/Pending)
✓ Regular Penetration Testing
✓ Vulnerability Scanning
Incident Response
In the event of a security breach, our dedicated Incident Response Team (IRT) will:
Contain and isolate the threat immediately.
Investigate the scope and impact of the incident.
Notify affected customers within 72 hours, in compliance with GDPR.
Implement patches and remediation steps to prevent recurrence.
Vulnerability Reporting
We maintain a Responsible Disclosure Program. If you discover a security vulnerability in our systems, please report it to us immediately. Do not exploit the vulnerability.