Security & Data Protection at MODocs

Every process, document, and dataset you manage in MODocs is safeguarded with enterprise-grade controls and privacy-first architecture.

๐Ÿ”’

Infrastructure Security

Hosted on Vercel and backed by Neon PostgreSQL, MODocs benefits from enterprise cloud infrastructure with high availability, network isolation, and encryption.

  • Data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Automatic scaling and DDoS protection
  • Frequent security patches and dependency audits

๐Ÿง 

Secrets & Environment Control

All credentials and environment variables are managed using AWS Secrets Manager and Vercel encrypted variables. Access is tightly restricted and logged.

๐Ÿ‘ฅ

Authentication & Access

  • SSO via Okta, Google, and Apple
  • Role-based access control (RBAC) on every API call
  • Session and JWT validation by user, organization, and role
  • Granular permissions and audit logging for sensitive operations

Data Privacy & Tenant Separation

Each customerโ€™s data is logically separated by organization. Access to data is restricted to authorized users only. Backups are encrypted, versioned, and maintained according to retention policies agreed upon with each customer.

Compliance & Partner Certifications

SOC 2 Type II
ISO 27001
GDPR
AWS & Vercel Attested Providers

MODocs aligns our internal practices to these industry standards through continuous monitoring, documentation, and access control reviews. While MODocs itself is not yet independently certified, our hosting and infrastructure partners: AWS, Vercel, and Neon hold these certifications, and we inherit their security and compliance controls to protect your data.

Continuous Monitoring & Incident Response

System activity, uptime, and error logs are continuously monitored for unusual behavior. Our incident response plan defines escalation, notification, and resolution procedures for potential security events.

Data Residency & Subprocessors

MODocs data is hosted in AWS U.S. regions by default, with regional hosting available on request. Our subprocessors include:

  • Vercel โ€” Application hosting and CDN
  • Neon โ€” Managed PostgreSQL database
  • AWS โ€” Secrets management and AI infrastructure

Security Contact

For security inquiries or disclosures, contact security@modocs.ai.