Security

Effective: April 2026

Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Sensitive fields (PAN, GSTIN, credentials) use field-level encryption keyed by a customer-specific KMS key.

Authentication

Single sign-on via ORIS Identity (OIDC, RS256 JWT). Multi-factor authentication is supported. All authentication events are logged to the ORIS Audit Log.

Tenant isolation

Row-level security at the database layer: every Prisma query is filtered by tenant_id via middleware. Cross-tenant data access is impossible by construction.
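A sketch of the kind of tenant-scoping rewrite such middleware performs, added here as an illustration and not ORIS's own code. The `params` object follows the Prisma middleware shape (`model`, `action`, `args`); the model names and the `scopeToTenant` function are hypothetical, and every tenant-owned model is assumed to have a `tenant_id` column.

```javascript
// Added example: hypothetical tenant-owned models, each assumed to carry tenant_id.
const TENANT_MODELS = new Set(["Filing", "Invoice"]);

// Actions that accept an arbitrary `where` filter.
const FILTERABLE = new Set(["findFirst", "findMany", "count", "aggregate", "updateMany", "deleteMany"]);
// Unique-key actions are rewritten to filterable ones so tenant_id can be added.
// Note: the *Many variants return a count, not the affected row.
const BY_UNIQUE = { findUnique: "findFirst", update: "updateMany", delete: "deleteMany" };

function scopeToTenant(params, tenantId) {
  // Fail closed: no tenant context means no query, never an unfiltered one.
  if (typeof tenantId !== "string" || tenantId === "") throw new Error("missing tenant context");
  // Raw SQL carries no model, so a where-clause filter cannot be injected here.
  if (params.action === "queryRaw" || params.action === "executeRaw") {
    throw new Error("raw query is not tenant-scoped");
  }
  if (!TENANT_MODELS.has(params.model)) return params; // shared reference data

  const args = { ...(params.args || {}) };
  const action = BY_UNIQUE[params.action] || params.action;
  if (FILTERABLE.has(action)) {
    // AND keeps the caller's filter but makes the tenant condition non-overridable.
    args.where = { AND: [args.where || {}, { tenant_id: tenantId }] };
  } else if (action === "create") {
    // Overwrite any tenant_id supplied by the caller.
    args.data = { ...args.data, tenant_id: tenantId };
  } else {
    // Deny by default: an action without an explicit rule never runs.
    throw new Error(`action ${action} has no tenant rule`);
  }
  return { ...params, action, args };
}
```

Relations loaded through `include` and nested writes are not covered by a top-level `where`, so they need their own rule or a database-side policy.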

Audit trail

Every action is logged immutably - including every agent reasoning trace - so you can defend any filing in a future audit.

Compliance

Data residency in India. Aligned with ISO 27001, SOC 2 Type II controls (audit in progress), and the DPDP Act, 2023.

Reporting vulnerabilities

Found a security issue? Email security@meetoris.com. We respond within 24 hours.