Skip to content
Security & Compliance

Security-first. Privacy-first. Footage-never.

IOSentra watches security systems, so it's engineered like one - isolated, encrypted, audited, and deliberately designed to never hold the one thing you can't afford to leak: your footage.

Security pillars

Privacy by design

CCTV footage is never persisted. Frames are analyzed in memory and discarded; only a 64-bit perceptual hash is stored, and live snapshots are served with no-store caching.

No footage storedIn-memory analysisno-store snapshots

Tenant isolation

Every customer gets a physically separate database. Deleting a tenant drops the database - true erasure, not a soft-delete flag.

Per-tenant databaseTrue erasureZero cross-tenant paths

Encryption & access

Device credentials are encrypted AES-256-GCM with per-tenant key derivation. TOTP 2FA, role-based access, hashed tokens, login lockout and per-IP rate limits guard every entry point.

AES-256-GCMTOTP 2FARBAC

GDPR & Israeli PPL

Data-subject rights are implemented in the product: one-call export of a person's data and hard erasure that also removes the identity record - aligned with GDPR and Israeli PPL Amendment 13.

GDPRIsraeli PPLDSAR built-in

Retention & audit

Retention TTLs are enforced daily, per tenant - events 90d, alarms 365d, incidents 730d, audit 365d by default. A full audit log (actor, IP, user agent) supports the 72-hour GDPR and 24-hour PPL breach windows.

Enforced TTLsFull audit trailBreach-window ready

Data residency

A tenant's region pins its database and object storage to that region's infrastructure - fail-closed and immutable after provisioning. Data can't silently land in the wrong country.

Region-pinnedFail-closedImmutable

Bring us your compliance requirements.

DPAs, sub-processor lists, residency constraints - we'll walk your security team through exactly what IOSentra stores, and what it never does.

Book a demo