Safeguarding the platform
Security at CivicStream
Security is foundational to CivicStream. Municipal reviewers, applicants, and community stakeholders trust us with sensitive information, so we design every system with defence-in-depth controls.
Governance and compliance
CivicStream maintains administrative, technical, and physical safeguards aligned with SOC 2 principles. We conduct regular third-party assessments and share reports with customers under NDA.
Data protection
All data is encrypted in transit and at rest. Environment segmentation, role-based access controls, and automated monitoring limit exposure to sensitive submissions.
- Single sign-on and multi-factor authentication support
- Continuous vulnerability scanning and patch management
- Incident response runbooks with customer communication plans
Responsible disclosure
We invite security researchers and customers to report potential issues. Every report is triaged promptly, and we provide transparent updates through remediation.