Trust & Compliance

Security

Tetrify protects your firm's most sensitive data — staffing, utilization, and client engagement details. This page summarizes how we secure that data today and where we are heading.

Compliance Roadmap

Tetrify is committed to enterprise-grade security. We are actively working toward the following independent attestations:

SOC 2 Type II — target FY2027
ISO/IEC 27001 — target FY2027

Data Protection

Hosted on Cloudflare's global network with TLS 1.3 encryption in transit.
Sensitive data encrypted at rest in Cloudflare Workers KV using envelope encryption.
Strict multi-tenant isolation through per-workspace key namespacing.
Secrets managed in Cloudflare Worker bindings — never committed to source.

Responsible Disclosure

If you discover a security vulnerability, please report it to [email protected]. We follow industry-standard coordinated disclosure practices and aim to acknowledge reports within 2 business days.

A machine-readable contact is published at /.well-known/security.txt per RFC 9116.

Contact

Security inquiries: [email protected]