Security
Security at Munichain
Customer trust, reliability, and data security are fundamental to Munichain's mission. We employ comprehensive security measures to protect your data and ensure uninterrupted access to our services.
Our Commitment to Security
Safeguarding your data and ensuring the reliability of our platform are at the core of everything we do. Our commitment to security, privacy, and compliance is embedded into the architecture, processes, and daily operations of our organization. Designed with the unique needs of the municipal bond market in mind, the Munichain platform employs robust measures to protect sensitive financial workflows while enabling seamless collaboration and communication across the working group.
Security and Compliance Programs
- •SOC 2 Type II: Munichain has achieved SOC 2 Type II certification, demonstrating our commitment to maintaining high standards of security, availability, and confidentiality.
- •Future Certifications: We continuously pursue additional certifications to enhance our security posture and meet evolving industry standards.
- •AICPA Trust Services: Our platform adheres to the AICPA Trust Services Criteria for security, ensuring that our controls meet rigorous standards for protecting information and systems.
- •Regular Audits: Annual audits by independent service auditors validate our compliance and the effectiveness of our security controls.
Product Security
- •SAML-Based SSO: Authenticate users seamlessly using your existing SAML-based identity provider, eliminating the need for multiple login credentials.
- •Granular Permissions: Assign specific permission levels within the platform to internal team members and external collaborators.
- •Access Control: Control access to various parts of the application, determining read/write capabilities based on user roles.
- •Least Privilege Principle: Ensure users have only the access necessary to perform their roles, minimizing potential security risks.
Network and Application Security
- •Infrastructure: Munichain's platform leverages the secure data centers and built-in security features of our hosting provider.
- •Compliance Certifications: Our provider's data centers are accredited under ISO-27001, SOC 1, SOC 2, PCI DSS, and more, ensuring adherence to industry-leading security standards.
- •Geographical Redundancy: Resources are distributed across multiple zones to enhance reliability and disaster recovery capabilities.
- •Isolated Network Environment: All servers operate within a dedicated virtual network, utilizing Network Access Control Lists (ACLs) to prevent unauthorized access.
- •Secure Communication: Traffic between platform components is isolated and secured, minimizing exposure to external threats.
- •Data in Transit: All data transmitted to and from Munichain is encrypted using TLS 1.2 or higher, ensuring secure communication channels.
- •Data at Rest: Sensitive data, including customer and configuration data, is encrypted using AES-256 encryption standards.
- •Strict Transport Security (HSTS): Enforces secure connections by ensuring browsers interact with Munichain only over HTTPS.
Incident Response and Monitoring
- •24/7 Surveillance: Our operations team continuously tracks system performance, detects anomalies, and ensures high availability.
- •Proactive Alerts: Automated alerts notify our team of any suspicious activities or system issues, enabling swift response and resolution.
- •Structured Procedures: Munichain has established comprehensive incident response protocols, including escalation procedures and rapid mitigation strategies.
- •Post-Incident Reviews: After resolving an incident, we conduct detailed post-mortem analyses to identify root causes and implement preventive measures.
- •Employee Training: All team members are trained on incident response policies to ensure coordinated and effective handling of security events.
- •Regular Assessments: We engage third-party security experts to conduct quarterly vulnerability scans and semiannual penetration tests, identifying and addressing potential security weaknesses.
- •Automated Scanning: Continuous vulnerability scanning of our codebase and infrastructure ensures that new threats are promptly detected and mitigated.
Availability and Reliability
- •99% Uptime: Munichain strives for a 99% uptime or higher, ensuring that our platform remains accessible and reliable for all users.
- •Redundant Infrastructure: Our services are distributed across multiple zones to ensure continuity in the event of a data center failure.
- •Disaster Recovery Plans: Automated daily backups and geo-replication enable swift restoration of services to a specific point in time.
- •Infrastructure as Code: Utilizing Infrastructure as Code (IaC) allows us to quickly deploy new infrastructure components, facilitating rapid recovery from catastrophic failures.
People and Processes
- •Comprehensive Screening: All Munichain employees undergo thorough background checks before joining the team, ensuring trustworthiness and reliability.
- •Ongoing Training: Continuous security training programs equip our employees with the knowledge and skills to uphold our stringent security policies and handle data responsibly.
- •Strict Confidentiality: Every employee and contractor signs confidentiality agreements to protect proprietary and client information, reinforcing our commitment to data privacy.
- •Managed Devices: All employee devices are managed, enforcing security standards like full-disk encryption and endpoint monitoring.
- •Malware Prevention: Robust anti-virus and anti-malware solutions protect all devices from malicious threats, ensuring a secure working environment.
Trust in Every Transaction
Munichain is committed to providing a secure and reliable platform that empowers our customers to focus on what matters most — streamlining workflows, enhancing productivity, and driving results. With security at the forefront, you can trust Munichain to protect your data and support your success.
For more information on our security practices or to request a copy of our latest SOC 2 Type II report, please contact us at info@munichain.com.
Join the next evolution of public finance.
Get started with streamlined workflow solutions that make the new issuance process more collaborative, organized, and efficient.