Security
Security
Security
Security at
Positive Carbon
Positive Carbon protects your food data with enterprise-grade security, encryption, and compliance, ensuring reliability at any scale.
Data Security Measures
Gold-standard protection for your sustainability data. Backed by ISO 27001 certification.
AES-256 & TLS 1.3 everywhere
Enterprise-grade Encryption
Enterprise-grade Encryption
All data is encrypted in transit and at rest with AES-256 and the latest TLS protocols. Keys are managed in AWS KMS and rotated automatically to keep your carbon metrics safe from interception.
All data is encrypted in transit and at rest with AES-256 and the latest TLS protocols. Keys are managed in AWS KMS and rotated automatically to keep your carbon metrics safe from interception.
ISO 27001:2022 certified
ISO 27001-Certified
ISO 27001-Certified
Positive Carbon’s entire information-security programme is independently audited and certified to ISO 27001. Policies, risk assessments and controls are reviewed at least annually to guarantee continuous compliance.
Positive Carbon’s entire information-security programme is independently audited and certified to ISO 27001. Policies, risk assessments and controls are reviewed at least annually to guarantee continuous compliance.
Multi-zone Azure architecture
Resilient Infrastructure
Resilient Infrastructure
Production systems run in isolated, auto-scaling clusters distributed across multiple Azure availability zones. Firewalls, VPC segmentation and strict IAM roles ensure only authorised service and people touch your data
Production systems run in isolated, auto-scaling clusters distributed across multiple Azure availability zones. Firewalls, VPC segmentation and strict IAM roles ensure only authorised service and people touch your data
<1-hour RPO / <4-hour RTO
Redundancy & Disaster
Redundancy & Disaster
Encrypted backups are streamed in real time to separate regions and tested quarterly. We can restore the entire platform within four hours and with less than one hour of data loss, even in a region-wide outage.
Encrypted backups are streamed in real time to separate regions and tested quarterly. We can restore the entire platform within four hours and with less than one hour of data loss, even in a region-wide outage.
24 × 7 threat detection
Continuous Monitoring
Continuous Monitoring
Automated tooling scans for vulnerabilities, misconfigurations and anomalous behaviour around the clock. Findings are triaged within minutes and patched according to a strict SLA to stay ahead of emerging threats.
Automated tooling scans for vulnerabilities, misconfigurations and anomalous behaviour around the clock. Findings are triaged within minutes and patched according to a strict SLA to stay ahead of emerging threats.
Retention clearly defined
Performance overview
Performance overview
Customer data is stored only for the duration of your contract. Upon request or contract end. It is securely wiped using NIST-compliant destruction routines and verified by audit logs.
Customer data is stored only for the duration of your contract. Upon request or contract end. It is securely wiped using NIST-compliant destruction routines and verified by audit logs.
