Back to Home
Security

Security at Kwata Team

Security isn't an afterthought—it's the foundation of everything we build. Our PESNO framework ensures that Privacy, Ethics & Integrity, Security, Network Isolation (NIS2), and OWASP standards are embedded in every line of code and every system we deploy.

Our Framework

The PESNO Security Framework

PESNO is not just a checklist—it's a mindset. Before every action, we ask: "Does this follow PESNO principles?"

P

Privacy

Your data is protected by design

PIPEDA & Alberta PIPA aligned
Data minimization by design
User consent always required
E

Ethics & Integrity

Transparent, honest, and trustworthy practices

No deceptive patterns
Responsible AI disclosure
Data handled with integrity
S

Security

Enterprise-grade protection

Bank-level encryption
Strong authentication
Regular security audits
N

Network Isolation (NIS)

NIS2-aligned infrastructure

Isolated environments
No direct database exposure
Zero trust architecture
O

OWASP

Industry security standards

OWASP Top 10 aligned
Secure coding practices
Vulnerability monitoring
Practices

Security by Design

Security is foundational, not optional. These principles guide every decision we make.

Zero Trust Architecture

We never trust, always verify. Even internal services are authenticated and authorized.

Defense in Depth

Multiple layers of security controls ensure that if one fails, others protect your data.

Principle of Least Privilege

Systems and users only have the minimum access necessary to perform their functions.

Fail Securely

When systems fail, they default to a secure state rather than exposing data.

Continuous Monitoring

We continuously monitor for threats and respond to incidents within hours.

Regular Updates

Security patches applied within 48 hours for critical vulnerabilities.

Frameworks We Align With

We use precise language about where we stand. Kwata Team is built to the SOC 2 Trust Services Criteria and our internal PESNO standard, and is aligned with the privacy laws below. A formal third-party SOC 2 attestation and ISO 27001 certification are on our roadmap — we will say we hold them only once we do.

Privacy — aligned

  • PIPEDA (Canadian federal privacy law)
  • Alberta PIPA (provincial privacy law)
  • CASL (consent & unsubscribe in every email)

Security — built to

  • AES-256 encryption at rest
  • TLS 1.2+/1.3 in transit
  • SOC 2 Trust Services Criteria (aligned)
  • OWASP Top 10 secure-coding practices

On our roadmap

  • SOC 2 Type II attestation (accredited auditor)
  • ISO/IEC 27001 certification

Hosting & payments

  • Your data is never used to train AI and never sold
  • Payments handled by PCI-DSS-compliant processors — card data never touches our servers

Report a Security Issue

If you discover a security vulnerability, please report it responsibly:

  • Email: security@kwatateam.com
  • Response Time: Within 24 hours