OCTAAR

// SECURITY & GOVERNANCE

Hardened by default. Flexible by design.

OCTAAR is engineered for environments where the security posture is part of the operational requirement — not an afterthought. Deployment topology, encryption, access control, audit, and data governance are all decisions the customer drives.

// SECURITY BRIEF

Six pillars. One audit substrate.

The non-negotiables that hold across managed cloud, customer cloud, on-prem, and fully air-gapped deployments.

Deployment flexibility

Managed cloud, customer cloud, on-premise, and fully air-gapped. Same data model, same audit trail, same methodology across topologies.

Mobile / field capability

Offline-tolerant capture. Conflict-aware synchronization. MDM-friendly, ruggedized profiles, optional device attestation.

Role-based permissions

Observer, reviewer, supervisor, administrator, and custom roles. Cross-task-force read enforcement at the data layer — not just the UI.

Audit & chain-of-custody

Tamper-evident audit log. Score provenance preserved across personnel rotation, deployment changes, and platform upgrades.

Data governance

Customer-owned data. Configurable residency. Legal-hold support, unit-scoped export controls, DLP-aware boundaries.

Operational continuity

99.9% availability target on managed deployments. Documented RTO/RPO. Horizontal scaling. Signed, versioned upgrades.

// ENCRYPTION

In transit. At rest. End-to-end.

Encryption is not a checkbox — it is the substrate. From the device in the field to the audit export delivered to higher headquarters, every payload is encrypted and every key is isolated.

  • In transit. TLS 1.3 across every boundary. mTLS available for service-to-service.
  • At rest. AES-256 across primary, replicas, backups, and exports. Per-tenant key separation.
  • Key material. KMS-isolated. Customer-managed key option on customer-cloud deployments.
  • Field devices. Local capture encrypted at the device layer. Conflict-aware sync preserves device-side integrity.

// COMPLIANCE POSTURE

Designed alongside the compliance regimes our customers operate inside.

We describe what the platform supports and what is in pursuit. We do not claim accreditations we do not hold.

ITAR-aware deployment

US-person workforce control, restricted data residency, export-controlled artifact handling. Variant deployments available for defense customers.

FedRAMP pathway

Architecture aligns with FedRAMP Moderate / High control families. Authorization pursuit is customer-led and customer-scoped.

HIPAA-readiness

Configurable PHI scoping, BAA framework, and audit substrate aligned with HIPAA-protected workflows in healthcare deployments.

SOC 2-aligned operations

Process and control set aligned with SOC 2 Type II trust services criteria. Audit pursuit is scoped to managed-cloud customers.

// Where a certification is in pursuit but not granted, we say so. We do not invent certifications. We describe what the architecture supports — and where the authorization pursuit currently stands.

// REQUEST OPERATIONAL READINESS DEMO

Need to run a security questionnaire? Bring it.