Security
Ensuring Security and Compliance in Contract Management with BLOCKTRACTS
In the realm of contract management, security and compliance are paramount to safeguarding sensitive data and ensuring trust among stakeholders. At BLOCKTRACTS, we uphold rigorous standards to protect our users’ data and comply with international regulations to foster a secure digital environment.
Security forms the cornerstone of our operations at BLOCKTRACTS. We implement robust measures to protect the confidentiality, integrity, and availability of data throughout its lifecycle. Key security protocols include:
1. Data Encryption: All data transmitted and stored within BLOCKTRACTS is encrypted using industry-standard encryption protocols. This ensures that sensitive information remains secure and protected against unauthorized access.
2. Multi-Factor Authentication (MFA): To prevent unauthorized access to user accounts, BLOCKTRACTS employs MFA. This adds an additional layer of security by requiring users to verify their identity through multiple verification methods.
3. Secure Blockchain Integration: BLOCKTRACTS leverages blockchain technology to store contracts securely. Each contract is stored as a Non-Fungible Token (NFT) using the ERC-6551 standard, on certified nodes. This approach ensures immutability and transparency while mitigating the risk of data tampering. All user data to be stored on IPFS nodes is encrypted using industry-standard encryption protocols before it reaches the node and is accessible only by its owners.
4. Regular Security Audits: We conduct regular security audits and assessments to identify and address potential vulnerabilities. This proactive approach helps us stay ahead of emerging threats and ensures continuous improvement of our security posture.
BLOCKTRACTS adheres to stringent regulatory frameworks to protect user data and ensure compliance with global standards. Our commitment includes:
1. SOC 2 Type II Compliance: We are working on being SOC 2 Type II compliant, adhering to principles for security, availability, confidentiality, privacy, and the integrity of transaction processing systems. This certification will demonstrate our dedication to maintaining robust security controls and practices.
2. General Data Protection Regulation (GDPR): As a company serving global clients, BLOCKTRACTS will comply with GDPR, which sets forth strict guidelines for the protection of personal data of individuals within the European Union. We will ensure that user data is processed lawfully, transparently, and for specified purposes, with user consent and rights respected.
3. eIDAS Regulation: To facilitate secure cross-border transactions, BLOCKTRACTS is working on being compliant with the eIDAS Regulation. This regulation establishes a framework for digital identities and authentication across the EU, promoting trust in electronic interactions and facilitating seamless digital services.
At BLOCKTRACTS, we prioritize data resilience and availability through meticulous storage and backup practices:
• Hourly Backups: To safeguard against data loss, we conduct hourly backups of users' data. Backups are distributed across servers located in the USA, Europe, and Singapore, ensuring redundancy and resilience in case of unforeseen incidents.
• Certified Nodes: Contracts stored on BLOCKTRACTS are hosted on certified nodes located strategically worldwide. These servers comply with industry standards and ensure reliable access to stored contracts. Even during the grace period after a user has unsubscribed from our service, they can keep their data for some time until they pin their CIDs with another IPFS service provider or host their own nodes.