Isolation, accountability, and recovery are release requirements.
Security claims shown here remain factual and evidence-backed; compliance certification is never implied without independent verification.
Tenant and access controls
Restricted database roles, PostgreSQL row-level security, scoped RBAC, host-bound tenant resolution, secure sessions, MFA readiness, and immutable operational audit records.
Private content
Private object storage, expiring signed access, upload checksums, malware quarantine, versioning, and recovery evidence protect institutional files.
Availability and recovery
The India-hosted pilot targets RPO 1 hour and RTO 4 hours, subject to documented restore drills and off-provider encrypted backups.
Architecture and contractual controls
Read the public security architecture, review the support policy, and distinguish the SLA framework from signed commitments.