Security & Compliance
Your business data deserves enterprise-grade protection. Predictiv implements comprehensive security controls across infrastructure, application, and data layers to ensure your information remains secure, private, and available when you need it.
Security Architecture
Predictiv employs a defence-in-depth security architecture with multiple layers of protection:
Network Security: Firewalls, intrusion detection systems, and network segmentation isolate and protect system components. All external access is routed through secure load balancers with DDoS protection.
Application Security: Regular security assessments, code reviews, and penetration testing identify and remediate vulnerabilities. We follow OWASP guidelines and secure coding practices throughout development.
Data Security: Encryption, access controls, and audit logging protect data at every stage. Sensitive data is encrypted both in transit and at rest using industry-standard algorithms.
Data Protection
Encryption in Transit: All data transmission uses TLS 1.3, the latest version of the TLS protocol. This applies to web traffic, API calls, mobile app communications, and integration endpoints.
Encryption at Rest: Database contents are encrypted using AES-256. Backup files are encrypted before storage. Sensitive configuration values use additional encryption layers.
Key Management: Encryption keys are managed using industry best practices. Keys are rotated regularly, access is strictly controlled, and key management is separated from data storage.
Access Control
Role-Based Access Control (RBAC): Predictiv implements comprehensive RBAC allowing granular control over who can access what data and perform which actions. Roles can be customised to match your organisational structure.
Multi-Factor Authentication: MFA is available for all users and can be enforced by policy. We support authenticator apps and SMS-based verification.
Session Management: Sessions are secured with strong tokens, automatic timeouts, and single-session enforcement options. Session activity is logged for audit purposes.
Audit Trails: Every data modification is logged with who made the change, when, and what was changed. Audit logs are immutable and retained according to your compliance requirements.
Infrastructure Security
Deployment Flexibility: Choose the deployment model that meets your security requirements:
Data Centre Security: For SaaS and managed deployments, we use certified data centre facilities with:
Backup and Recovery: Automated daily backups with point-in-time recovery capability. Backups are encrypted and stored in geographically separate locations. Recovery procedures are regularly tested.
Compliance
Regulatory Frameworks: Predictiv is designed to support compliance with major regulatory frameworks:
Compliance Features: Built-in capabilities support your compliance obligations:
Certification Roadmap: We are actively working toward:
These certifications will provide independent verification of our security controls.
Data Residency
Regional Hosting: For organisations with data residency requirements, we offer hosting options in multiple regions including South Africa. Data never leaves your specified region without explicit authorisation.
Self-Hosted Control: Self-hosted deployments give you complete control over data location. Deploy on-premises, in your private cloud, or with your preferred regional cloud provider.
Contractual Guarantees: We provide contractual commitments regarding data location, cross-border transfers, and data handling practices as required for regulatory compliance.
Incident Response
Incident Management: We maintain a documented incident response process covering detection, containment, eradication, and recovery. Our team is trained and prepared to respond to security events.
Breach Notification: In the event of a data breach, we will notify affected customers promptly in accordance with applicable regulations (POPIA, GDPR). Our notification process includes:
Responsible Disclosure: We welcome responsible security research. If you discover a vulnerability, please contact our security team at security@predictiv.com. We commit to:
Always Encrypted
Data is encrypted in transit and at rest using TLS 1.3 and AES-256.
Complete Audit Trail
Every change is logged for compliance and forensic analysis.
Your Data, Your Control
Choose the deployment model and data location that meet your requirements.
Proactive Security
Regular assessments, penetration testing, and security updates.
Security questions?
Our team can provide detailed security documentation and answer specific compliance questions.