Enterprise Security

Security That Meets Regulatory Standards

Regulated industries demand more than standard cloud security. MoniDoseQMS is built from the ground up with OWASP Top 10 compliance, authenticated encryption, tamper-evident audit trails, and 13 security middleware layers that satisfy the most rigorous compliance requirements.

OWASP Top 10:2021

OWASP Top 10 Compliance

Every category in the OWASP Top 10 (2021 edition) is addressed with specific, tested controls embedded throughout the platform.

A01: Broken Access Control

Tenant isolation middleware validates company ownership on every request. CompanyId filtering on all database queries. Role-based authorisation on all controllers. IDOR prevention on file uploads and record access.

A02: Cryptographic Failures

AES-256-GCM authenticated encryption for data at rest. TLS 1.3 for data in transit. PBKDF2 with 310,000 iterations for password hashing. SHA-256 hash chains for audit trail integrity.

A03: Injection

All database queries use parameterised ORM queries — no raw SQL concatenation. Input sanitisation removes control characters. Audit log data is sanitised to prevent log injection attacks.

A04: Insecure Design

Security requirements documented from initial design. Threat modelling embedded in development lifecycle. Defence-in-depth with 13 middleware layers. Dedicated security guardrail test suite.

A05: Security Misconfiguration

Content Security Policy headers restrict resource loading. X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy headers enforced on every response.

A06: Vulnerable Components

Dependency management with automated vulnerability scanning. Regular package updates. Secret detection guardrail tests in CI/CD pipeline prevent credential leakage.

A07: Identification & Auth Failures

Email confirmation required. Password reset tokens expire in 1 hour. 2FA enforced for administrators. Rate limiting protects registration, password reset, and join codes against brute force.

A08: Software & Data Integrity

HTTPS enforcement in production. JWT signature verification with a 1-minute clock-skew tolerance. Anti-forgery tokens on all state-changing operations. Token revocation service for immediate access termination.

A09: Logging & Monitoring

40+ security event types tracked. SHA-256 hash-chained audit logs with before/after values. Correlation IDs for distributed tracing. Traffic metrics middleware for anomaly detection.

A10: Server-Side Request Forgery

JWT scope validation on all API requests. No user-controlled external URL fetching. Strict origin validation. Internal service communication restricted to trusted endpoints.

Data Protection

Multiple layers of protection ensure your quality data remains secure, private, and available when you need it.

AES-256-GCM Encryption at Rest

All sensitive data is encrypted using AES-256-GCM authenticated encryption — the same standard used by financial institutions. Authenticated encryption ensures both confidentiality and integrity of stored data.

TLS 1.3 Encryption in Transit

TLS 1.3 secures every connection between your browser and our servers, preventing interception and tampering. HSTS headers enforce HTTPS with a 365-day max-age and subdomain inclusion.

EU Data Residency

Your data stays in EU-based data centers. No transatlantic transfers, no adequacy decision dependencies.

Multi-Layer Tenant Isolation

Each customer environment is isolated at the database, application, and middleware layers. PostgreSQL schema-per-tenant segregation ensures complete data separation — no shared tables, no cross-tenant access.

Automated Backups

Daily encrypted backups with 90-day retention. Point-in-time recovery available to restore data to any moment within the retention window.

Tamper-Evident Audit Trail

Every action is logged in an append-only audit trail secured by SHA-256 hash chains. Each entry is cryptographically linked to the previous one — any modification breaks the chain, making tampering detectable.

Access Controls

Fine-grained access management ensures the right people have the right access — and nobody else.

Role-Based Access Control

Granular permissions tied to organisational roles. Users see only what they need, aligned to your quality management structure.

Multi-Factor Authentication

MFA enforced across all accounts. Supports TOTP authenticator apps and hardware security keys. Administrator accounts require 2FA — enforced at the middleware level with no bypass.

FDA-Grade Password Policy

12-character minimum with uppercase, lowercase, digit, and special character requirements. 90-day expiration with forced password change. Account lockout for 15 minutes after 5 failed attempts.

Session Management

8-hour session timeout with sliding expiration. HttpOnly, Secure, and SameSite=Strict cookie attributes block script access to the session cookie, restrict it to HTTPS, and withhold it from cross-site requests. Cache-Control headers prevent back-button data exposure.

Enterprise: IP Allowlisting

Enterprise plan feature. Restrict platform access to approved IP ranges, ensuring only authorised networks can reach your environment.

Enterprise: Single Sign-On (SSO)

Enterprise plan feature. Integrate with your identity provider via SAML 2.0 or OpenID Connect for centralised authentication. SSO-only enforcement mode available.

Defence in Depth

13 Security Middleware Layers

Every request passes through a pipeline of 13 dedicated security middleware components. Each layer validates, filters, or enforces a specific security control — and short-circuits immediately on violation.

1. Malicious request filtering — blocks vulnerability scanners and bot probes at the pipeline entry
2. Content Security Policy — XSS, clickjacking, and code injection prevention with nonce support
3. Admin 2FA enforcement — privileged accounts cannot bypass multi-factor authentication
4. Tenant access validation — verifies company status and user membership on every request
5. Schema-per-tenant isolation — PostgreSQL search_path set per connection for data segregation
6. Billing access enforcement — blocks write operations when subscription is suspended
7. Module access control — restricts access to modules not included in the customer plan
8. Forced password change — redirects users with expired passwords before any other action
9. SSO-only enforcement — blocks local authentication when company requires SSO
10. Impersonation tracking — full audit logging when administrators test user permissions
11. Correlation ID injection — distributed tracing for security incident investigation
12. Traffic metrics collection — request-level monitoring for SLO and anomaly detection
13. Company lifecycle enforcement — handles pending activations and trial expirations

Rate Limiting & Brute Force Protection

Targeted rate limiting on every attack surface — registration, login, password reset, and invitation codes — with per-IP and per-identity tracking.

Registration Protection

5 attempts per IP per 10-minute window. Prevents mass account creation and enumeration attacks.

Password Reset Protection

3 attempts per email, 5 per IP per 15-minute window. Prevents email bombing and account enumeration.

Account Lockout

5 failed login attempts trigger a 15-minute lockout. An audit event is logged for security monitoring.

Join Code Protection

5 failed attempts trigger a 15-minute cooldown. Prevents brute force guessing of invitation codes.
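An added illustration of the per-IP and per-identity limits in this section (example code, not MoniDoseQMS code): a sliding-window counter keyed by IP address or by e-mail, a password-reset check that consults both limits before charging either, and a consecutive-failure lockout matching the 5-attempt / 15-minute figures above. The registration limit is the same limiter constructed with a limit of 5 over a 600-second window; `now` is passed in explicitly so the logic is deterministic, and all class and function names are assumptions.

```python
from collections import defaultdict, deque

class SlidingWindowLimiter:
    """Attempts per key inside a sliding window; one instance per key type (IP or identity)."""
    def __init__(self, limit, window_s):
        self.limit, self.window_s = limit, window_s
        self._hits = defaultdict(deque)   # key -> timestamps of recent attempts

    def _prune(self, key, now):
        q = self._hits[key]
        while q and now - q[0] >= self.window_s:  # drop attempts that fell out of the window
            q.popleft()
        return q

    def exceeded(self, key, now):
        return len(self._prune(key, now)) >= self.limit

    def record(self, key, now):
        self._prune(key, now).append(now)

def allow_password_reset(email, ip, now, by_email, by_ip):
    # Check both keys before charging either, so a denial does not burn quota on the other key.
    if by_email.exceeded(email, now) or by_ip.exceeded(ip, now):
        return False
    by_email.record(email, now)
    by_ip.record(ip, now)
    return True

class AccountLockout:
    """Consecutive-failure lockout: the 5th failure locks the identity for 15 minutes."""
    def __init__(self, threshold=5, lockout_s=15 * 60):
        self.threshold, self.lockout_s = threshold, lockout_s
        self._failures, self._locked_until = defaultdict(int), {}

    def is_locked(self, identity, now):
        return self._locked_until.get(identity, 0) > now

    def record_failure(self, identity, now):
        """Return True when this failure triggers the lockout; emit the audit event then."""
        if self.is_locked(identity, now):
            return False   # attempts during lockout are rejected upstream, not counted
        self._failures[identity] += 1
        if self._failures[identity] < self.threshold:
            return False
        self._locked_until[identity] = now + self.lockout_s
        self._failures[identity] = 0
        return True

    def record_success(self, identity):
        self._failures.pop(identity, None)  # a successful login clears the counter
```

For the password-reset path the page's limits are `SlidingWindowLimiter(3, 900)` per e-mail and `SlidingWindowLimiter(5, 900)` per IP.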

Continuous Verification

Security Test Suite

Dedicated security guardrail tests run on every build to catch regressions before they reach production. These are not just unit tests — they probe for real vulnerabilities.

  • Authorisation guardrail tests — verifies [Authorize] attributes on all controllers and role-based auth on destructive actions
  • Tenant isolation guardrail tests — scans codebase for missing CompanyId filtering patterns
  • CRUD tenant isolation tests — runtime tests for create, read, update, delete with tenant context
  • IDOR probe tests — cross-tenant data access attempt testing
  • Secret detection tests — CI/CD scanning for hardcoded credentials, API keys, and connection strings
  • Audit trail compliance tests — verifies before/after values, user tracking, and timestamps per FDA 21 CFR Part 11
  • Ops console security tests — break-glass session auditing and super-admin authorisation verification
  • Registration hardening tests — rate limiting, email validation, and brute force protection verification

File Upload Security

Document-heavy workflows require strict file upload controls. Every upload is validated, scoped, and tracked.

  • Extension whitelist — only approved file types accepted
  • 200 MB size limit with server-side enforcement
  • Tenant-scoped storage — IDOR prevention on every access
  • Entity-type validation — controlled documents vs. evidence attachments
  • Audit trail entry on every upload to approved records
  • Antivirus scanning hook ready for production deployment

Certifications & Standards

Our security posture is validated through recognised certifications and compliance frameworks.

GDPR Compliant (Current)

We process personal data in accordance with the EU General Data Protection Regulation. Data subject rights, lawful basis documentation, and DPO oversight are built into our operations.

EU Data Residency (Current)

All customer data is stored and processed exclusively within European Union data centres. No data leaves the EU without explicit customer consent.

SOC 2 Type II (In Progress)

Independent audit of our security, availability, and confidentiality controls over an observation period. Validates that our controls work consistently, not just on paper.

ISO 27001 (Planned 2027)

The international standard for information security management systems. Certification will formalise the security practices already embedded in our platform.

Compliance & Validation

Purpose-built for regulated environments where data integrity and traceability are not optional.

Computer System Validation (CSV)

MoniDoseQMS follows a risk-based CSV approach aligned with GAMP 5. We provide validation documentation packages including system requirements specifications, design specifications, and traceability matrices.

21 CFR Part 11 Compliance

Electronic records and electronic signatures meet FDA requirements. Tamper-evident audit trails with SHA-256 hash chains capture who did what, when, and why — including before and after values. Electronic signatures include meaning, date/time, and are cryptographically linked to their records.
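The hash-chain mechanism described here and in the Tamper-Evident Audit Trail section above, as an added illustration that is not MoniDoseQMS code: each entry's SHA-256 digest covers its who/what/when/why fields, the before and after values, and the previous entry's hash, so verification recomputes every digest and checks every link. The field names, the genesis constant and the sample deviation record are constructed for this example.

```python
import hashlib
import json
from dataclasses import asdict, dataclass, replace
from typing import Optional

GENESIS_HASH = "0" * 64  # constructed anchor used as prev_hash of the first entry

@dataclass(frozen=True)
class AuditEntry:
    seq: int
    user: str               # who
    action: str             # did what
    record_id: str          # to which record
    timestamp: str          # when (UTC, ISO 8601)
    reason: str             # why
    before: Optional[dict]  # values prior to the change
    after: Optional[dict]   # values after the change
    prev_hash: str          # link to the preceding entry
    entry_hash: str = ""

def entry_digest(e: AuditEntry) -> str:
    # Canonical JSON so the same entry always hashes identically; prev_hash is
    # part of the input, which is what links each entry to its predecessor.
    body = {k: v for k, v in asdict(e).items() if k != "entry_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True, separators=(",", ":")).encode()).hexdigest()

def append_entry(chain: list, **fields) -> AuditEntry:
    prev = chain[-1].entry_hash if chain else GENESIS_HASH
    e = AuditEntry(seq=len(chain), prev_hash=prev, **fields)
    chain.append(replace(e, entry_hash=entry_digest(e)))
    return chain[-1]

def verify_chain(chain: list):
    """Return (True, None) if intact, else (False, seq) of the first bad entry."""
    expected_prev = GENESIS_HASH
    for e in chain:
        if e.prev_hash != expected_prev or entry_digest(e) != e.entry_hash:
            return False, e.seq
        expected_prev = e.entry_hash
    return True, None

def build_sample_chain() -> list:
    # Constructed sample trail: two status changes to one deviation record.
    chain = []
    append_entry(chain, user="qa.lead", action="UPDATE", record_id="DEV-0042", timestamp="2024-05-01T09:00:00Z",
                 reason="Root cause confirmed", before={"status": "Open"}, after={"status": "Investigating"})
    append_entry(chain, user="qa.lead", action="UPDATE", record_id="DEV-0042", timestamp="2024-05-02T14:30:00Z",
                 reason="CAPA closed", before={"status": "Investigating"}, after={"status": "Closed"})
    return chain
```

The chain exposes edits and deletions anywhere inside it, but not removal of the newest entries, so the latest hash also needs to be anchored outside the store (for instance a periodically signed checkpoint) for truncation to be detectable.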

ALCOA+ Data Integrity

Every record in MoniDoseQMS is Attributable, Legible, Contemporaneous, Original, and Accurate — plus Complete, Consistent, Enduring, and Available. Audit trails are immutable, append-only, and system-generated.

IQ/OQ/PQ Documentation

Installation Qualification, Operational Qualification, and Performance Qualification protocol templates are available for all plans. Our team provides execution support to streamline your validation activities.

Incident Response

We maintain a documented incident response plan covering detection, containment, eradication, recovery, and post-incident review. Security events are classified by severity and communicated to affected customers within defined timeframes.

  • 24/7 monitoring
  • Defined escalation procedures
  • Customer notification within 72 hours
  • Post-incident reports
  • Correlation ID tracing for forensics

Data Processing Agreement

We provide a GDPR-compliant Data Processing Agreement (DPA) to every customer. The DPA details our obligations as a data processor, including sub-processor management, data transfer safeguards, and your rights regarding data access, portability, and deletion.

DPAs are executed as part of the onboarding process. If you need to review our standard DPA before engaging, contact us and we will provide a copy.
