Security-First Architecture

Your Data is Our Priority

Aerie OS is built from the ground up with security as a core architectural principle, not a bolt-on afterthought. Every layer — from database to API to UI — enforces tenant isolation and data protection.

Multi-Tenant Architecture

Every tenant is fully isolated using Supabase Row-Level Security (RLS). One tenant can never access another's data, even at the database level.

Encryption at Rest & in Transit

All data is encrypted at rest using AES-256-GCM with per-tenant HKDF-derived keys. All connections use TLS 1.3.

Authentication & MFA

Powered by Supabase Auth with JWT tokens. Multi-factor authentication (TOTP) supported for all users. Session management with automatic expiry.

Role-Based Access Control

Granular RBAC with tenant-level isolation. Administrators, technicians, and clients each see only what they should. Every permission is enforced server-side.

Infrastructure & DDoS Protection

Hosted on Cloudflare Pages with enterprise-grade WAF, DDoS mitigation, and a global CDN. Database hosted on Supabase in the UK (London) region.

AI Security

BYO API keys for AI providers — your keys never touch our servers. PII scrubbing planned for all AI interactions. We never train on your customer data.

Data Residency

Primary Database

Supabase — UK region (London). Your data stays in the UK by default. Enterprise customers can request specific regional deployments.

CDN & Edge

Cloudflare global network. Static assets are cached at edge locations worldwide for performance. No customer data is stored at the edge.

Compliance Roadmap

Cyber Essentials

Planned2026

Cyber Essentials Plus

Planned2026

ISO 27001

Planned2027

SOC 2 Type II

Planned2027

GDPR Compliance

ActiveNow

Responsible Disclosure

If you discover a security vulnerability in Aerie OS, please report it responsibly. We take all reports seriously and will respond within 48 hours.

Contact: security@aerie-tech.co.uk

Please do not disclose vulnerabilities publicly until we have had a chance to investigate and remediate. We are committed to working with security researchers to keep Aerie OS safe.