Privacy and Security

At Chronicle, safeguarding our clients’ data is not just a policy; it’s the cornerstone of everything we do. This manual delves into the specifics of our security, privacy, and compliance frameworks. It’s designed to demystify the complex processes and technologies we employ, ensuring clarity and understanding for all, regardless of technical background.

Chronicle is committed to upholding the highest standards of data sovereignty and compliance. As part of our transparency, it’s important to note that our current data storage infrastructure is located in Australia. Recognizing the critical importance of geographical data storage mandates, we are actively engaged in a comprehensive testing and transition process. This initiative is aimed at segregating and migrating data to ensure that all information, specifically for U.S.-based clients, is stored and accessed exclusively within the contiguous United States.

This includes ensuring that all data centers are located within the contiguous United States and that data used within our systems remains under the exclusive ownership of our clients. Access to this data is facilitated through standard web protocols such as REST APIs, with the security of data transmissions guaranteed by high encryption standards, including TLS 1.2 and above.

We prioritize security through multi-factor authentication methods that exclude traditional, less secure methods. Our platform is in full compliance with FedRAMP capabilities and adheres to FIPS 140-2 standards for both data at rest and in transit. This commitment to security is comprehensive, covering specialized data across various industry standards, ensuring that our clients’ data is protected according to the most stringent local, state, federal, and international regulations.

Our applications are designed for the cloud, utilizing modern web-enabled technologies that ensure operational efficiency and security. We strictly prohibit hardware-based licensing keys and enforce operation under the least privilege principle. Development practices leverage contemporary frameworks and languages, ensuring our applications are compatible across devices and browsers without requiring modifications, thereby maintaining the integrity and accessibility of the applications.

Chronicle utilizes MySQL on virtual servers, ensuring data encryption meets FIPS 140-2 standards. Our approach to database management prioritizes flexibility, security, and compliance, providing a robust and reliable infrastructure for managing our clients’ data.

Our server architecture is built on Nginx and Linux, incorporating Docker containerization for enhanced efficiency and scalability. The network infrastructure supports the latest protocols and standards, including TCP/IP TLS 1.2 and above, ensuring secure and reliable data communication across our platform.

Chronicle represents a forward-thinking approach to digital infrastructure, emphasizing not just the security and compliance aspects but also the adoption of modern technologies and standards. This ensures that our clients benefit from a digital ecosystem that is both secure and capable of meeting the evolving demands of the digital landscape. Our commitment to excellence and compliance positions Chronicle as a leader in providing secure, reliable, and compliant digital infrastructure solutions.

Translate »