Security
Visibility demands trust.
2020.systems processes spatial intelligence for airports, governments, manufacturers, and research teams. We protect that perception layer with layered defenses, transparent programs, and a culture that treats security as a product feature—not an afterthought.
Infrastructure
- Multi-region Kubernetes clusters with automated image signing and runtime scanning.
- Zero-trust networking with mutual TLS between services and short-lived workload identities.
- Daily backups with immutability windows and automated disaster-recovery drills.
Application
- Secure SDLC with threat modeling, pair reviews, and dependency pinning.
- Fine-grained service accounts for pipelines, with read/write scopes enforced at the data-layer.
- Automated anomaly detection on API usage, pipeline job metadata, and login events.
People & Process
- Mandatory hardware keys and device posture checks for employees.
- Background checks for production-access roles and quarterly access audits.
- 24/7 on-call rotation with documented incident response runbooks.
Encryption
All traffic is encrypted with TLS 1.3. Customer datasets, tiles, and point clouds are encrypted at rest with AES-256 and wrapped by a managed KMS. Customers can request dedicated keys or HSM-backed escrow.
Access Control
Role-based controls extend from the web console to APIs and pipelines. You can enforce SAML SSO, SCIM provisioning, and per-tenant audit logs. API keys include least-privilege scopes and can be rotated via CLI or UI.
Incident Response
We maintain a NIST-aligned incident management program with tabletop exercises, joint communication templates, and rapid customer notification procedures. Historical postmortems are available under NDA.
Need a security review?
Email security@2020.systems for a full trust packet, SOC 2 letter, or to coordinate joint incident response exercises.