Infrastructure & Operational Security
- Last Updated: 9 Mar 2026
- Next Review: 1 Jul 2026
This page covers the security practices that apply to Enprivacy’s own internal infrastructure — the systems used to build, test, and distribute Invisiq. Because Invisiq is self-hosted by customers, this section focuses on the integrity of our development and delivery pipeline rather than a hosted service.
Access Control
Internal Systems
- Access to production build systems, code repositories, and distribution infrastructure requires SSO authentication with MFA enforced.
- Access is provisioned on a least-privilege basis and reviewed quarterly.
- Privileged access (e.g. admin access to CI/CD pipelines, artifact registries) is logged and subject to additional review.
- Access is revoked on the same day as employee off-boarding.
Customer-Facing Systems
- The customer portal / release registry requires authenticated access.
- Customers can manage their own user accounts, API tokens, and access controls within the portal.
Build and Distribution Infrastructure
- Build pipelines run on GitHub Actions with network egress controls limiting outbound connections to approved registries and package mirrors.
- Artefact registries (container image registry, package registry) are access-controlled. Write access requires MFA.
- All artefacts are signed before publication (see Supply Chain Security).
- Artefact integrity is verified on download via Cosign signature.
Endpoint Security
All Enprivacy engineering endpoints are managed and must comply with the following baseline:
- Full disk encryption enabled
- Endpoint detection and response (EDR) agent installed
- Automatic OS and security patch application
- Screen lock enforced after 15 minutes of inactivity
Network Security (Internal)
- Internal systems are segmented by function (development, CI/CD, corporate).
- VPN or Zero Trust Network Access (ZTNA) is required to access internal systems remotely.
- All internal traffic between sensitive systems uses TLS.
Logging and Monitoring
Enprivacy maintains logging and monitoring of internal systems including:
- Authentication events (success, failure, MFA bypass attempts)
- Privileged actions on CI/CD and distribution systems
- Anomalous network activity
Alerts are reviewed by the security team. Logs are retained for a minimum of 3 months.
Vendor and Subprocessor Management
Enprivacy uses the following categories of subprocessors and vendors in the delivery of Invisiq:
| Category | Examples | Purpose |
|---|---|---|
| Source control | GitHub | Code hosting |
| CI/CD | GitHub Actions | Build and test automation |
| Artifact registry | GitHub Packages | Container image distribution |
Third-party vendors with access to our development environment are subject to security review before onboarding and periodic review thereafter. A full list of subprocessors is available at Subprocessors or on request.
Business Continuity
- Build and distribution systems have documented recovery procedures.
- The target Recovery Time Objective (RTO) for our release pipeline is 4 hours.
- Critical systems are backed up with a Recovery Point Objective (RPO) of 24 hours.
- Business continuity plans are reviewed and tested annually.
Security Assessments
| Assessment | Frequency | Scope | Last completed |
|---|---|---|---|
| Internal infrastructure penetration test | Annual | Build and distribution systems | Not yet started |
| Vendor security review | On onboarding + annual | All vendors with code/build access | Ongoing |
| Access review | Quarterly | All internal systems | 31 January 2026 |
| Business continuity test | Annual | Release pipeline | Not yet started |