CediSync
    Security

    How we think about security.

    A quiet, honest page. If something is true today, it's stated as fact. If it's in progress, we say so. If it isn't planned, we don't pretend.

    At a glance
    Hosting region
    AWS af-south-1, Cape Town
    Encryption at rest
    AES-256
    Encryption in transit
    TLS 1.3
    Backups
    Daily, encrypted, 30-day retention
    Access model
    Role-based, row-level isolation per bureau
    Audit log retention
    7 years
    01

    Hosting and data residency.

    CediSync runs on AWS in the af-south-1 region (Cape Town). Primary database, application servers, and backups are all in the same region. Your data does not leave the African continent in normal operation.

    We use Supabase managed Postgres for the primary database, with point-in-time recovery enabled. The application tier runs on a serverless platform; static assets are served from a CDN with geographic routing that prefers African edges.

    02

    Encryption.

    All data is encrypted at rest using AES-256. All traffic between your browser and our servers is encrypted in transit using TLS 1.3. Backups are encrypted with the same algorithm before leaving the database layer.

    Application secrets (API keys, webhook secrets, Paystack credentials) are stored in an encrypted secrets manager, not in environment variables or source control. Secret rotation is logged.

    03

    Access control.

    Every bureau's data is isolated at the database row level. One bureau cannot read another bureau's trades, customers, rates, or reports — the isolation is enforced by Postgres row-level security policies, not application code.

    Inside a bureau, access is role-based: Owner, Supervisor, and Teller. Permissions are sensible defaults with per-user overrides. CediSync engineers do not access customer data in production except under a break-glass procedure logged to the audit trail.

    04

    Authentication.

    Passwords require minimum length, are rotated on detection of known breaches, and hashed with bcrypt at industry-standard cost. Session tokens are HttpOnly and Secure. Inactivity auto-logout is configurable per bureau.

    Two-factor authentication (TOTP) ships in the next quarter. SAML SSO is available on the Enterprise plan today.

    05

    Backups and recovery.

    The database is backed up daily, encrypted, with 30-day retention. Point-in-time recovery is available within the last seven days at per-second granularity.

    Our recovery objectives are RPO ≤ 1 hour and RTO ≤ 4 hours for full-region failures. We test restore quarterly against a staging environment and publish results internally.

    06

    Monitoring and incidents.

    Application errors, auth anomalies, and infrastructure health are monitored continuously. Paging alerts wake the on-call engineer for production incidents. We commit to initial response within one hour during business hours and four hours outside them.

    If an incident affects your data, we notify you directly within 72 hours and publish a post-mortem with timeline and remediation.

    07

    Compliance and certifications.

    CediSync is a software product, not a licensed financial institution. You remain the licensed bureau under Bank of Ghana; we provide the tooling to meet BoG reporting, record-keeping, and AML obligations.

    In progress: SOC 2 Type I readiness, ISO 27001 gap assessment. We do not claim certifications we do not yet hold. When we earn them, the certificate number and auditor name appear here.

    08

    Found a vulnerability? Tell us.

    If you believe you have found a security issue in CediSync, email security@cedisync.com. PGP key available on request. We respond within one business day.

    We ask you to give us reasonable time to remediate before public disclosure. We don't use DMCA or legal threats against good-faith researchers.

    Questions from your security team?

    Send them our way. We will answer specifics — not marketing paragraphs.