Security Overview
Security at Ledger One
Last updated: March 5, 2025
Infrastructure and encryption
Ledger One runs on hardened cloud infrastructure with network segmentation, private VPCs, and automated patching. All traffic is encrypted in transit using TLS 1.2+ and encrypted at rest with AES-256. Secrets are stored in dedicated secret management systems with strict access controls.
Access control
Employee access follows least privilege principles backed by SSO, MFA, and device posture checks. Administrative actions are logged and reviewed regularly. Customers can configure granular, role-based permissions within the platform to tailor access for each workspace member.
Monitoring and incident response
We maintain 24/7 monitoring with automated alerting for anomalous activity. A documented incident response plan guides detection, triage, and communication. Customers are notified promptly if their data is impacted, and post-incident reviews drive improvements to our controls.
Compliance and assessments
Our SMB Silver Certification validates operational and security best practices for small and mid-sized business platforms. We perform regular penetration tests, vulnerability scans, and access reviews. Evidence packages are available via mutual NDA for enterprise evaluations.
Data privacy and removal
Security and privacy are linked. We honor the GDPR right of removal, execute secure data deletion workflows, and verify completion across live systems and backups. Privacy impact assessments are required for new data flows.
Responsible disclosure
Researchers who discover potential vulnerabilities can reach us at security@ledger.one. We respond quickly, provide status updates, and recognize contributions when permitted.