Security architecture built for citizen trust

Annual SOC 2 Type II audit by an independent Canadian accounting firm covers security, availability, processing integrity, confidentiality, and privacy. Full report available under NDA to prospective municipalities.

• Logical access controls for citizen identity data with role-based permissions scoped to department and data sensitivity level
• Availability controls with 99.9% uptime SLA for identity verification and authentication services
• Processing integrity validation for identity verification workflows — photo ID matching, knowledge-based challenges, and tier assignments
• Confidentiality protections for citizen PII including field-level encryption, data masking in non-production environments, and access logging
• Privacy controls aligned with MFIPPA and PIPEDA — purpose limitation, consent tracking, and automated data retention enforcement
• Annual independent SOC 2 Type II audit with remediation tracking for identified findings

Information security management system aligned to ISO 27001 standards. Formal risk assessment, security controls, and continuous improvement processes. Certification in progress.

• Formal risk assessment methodology covering identity data assets — citizen accounts, verification records, and authentication credentials
• Access control policy with MFA enforcement, session management, and privileged access review for identity administration
• Cryptographic controls with AES-256 at rest and TLS 1.3 in transit for all citizen identity data
• Human resource security including background checks for staff accessing citizen identity systems
• Incident management procedures with escalation paths for identity data breaches and credential compromise scenarios

Implementation of the Center for Internet Security Controls v8 — inventory, data protection, access management, audit logging, incident response, and vulnerability management. Self-assessed with annual third-party validation.

• Enterprise asset inventory for all identity platform components including web servers, API gateways, and verification services
• Data protection controls with classification of identity data by sensitivity tier and encryption enforcement per classification
• Access management with least-privilege enforcement, automated deprovisioning, and quarterly privilege reviews
• Audit log management with centralized collection, tamper-evident storage, and 90-day online / 7-year archival retention
• Vulnerability management with continuous scanning, prioritized remediation SLAs, and third-party penetration testing

Aligned to the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover). Used as the foundational structure for the identity platform's security program, with municipal-specific adaptations.

• Identity function — comprehensive data inventory of citizen identity assets with risk assessment and business impact analysis
• Protect function — defense-in-depth architecture with WAF, rate limiting, bot detection, and credential stuffing prevention
• Detect function — continuous monitoring with anomaly detection for unusual login patterns, bulk data access, and privilege escalation
• Respond function — incident response playbooks for identity theft, account takeover, and mass credential compromise scenarios
• Recover function — identity service recovery procedures with RTO/RPO targets and citizen notification workflows