Security & Trust

Enterprise security. No new attack surface

Digital Hive is a metadata layer. Reports and data stay in your existing platforms. Permissions are inherited, not copied. Authentication uses your existing identity stack

SOC 2 Type II, ISO 20243, HIPAA Ready, GDPR Compliant

Certifications & Compliance

Independently verified. Continuously maintained

Our compliance posture is audited externally and updated continuously. Documentation is available under NDA for qualified prospects

Certified

SOC 2 Type II

Annual third-party examination of our security, availability, and confidentiality controls by an independent CPA firm. The Type II report covers a full 12-month period

Request report under NDA

Certified

ISO 20243

Open Trusted Technology Provider Standard (O-TTPS). Verifies supply chain integrity and security practices across the product lifecycle, from development through delivery

Request documentation

Ready

HIPAA Ready

Deployment and configuration guidance is available for healthcare environments. Business Associate Agreement (BAA) available on request. Suitable for analytics workflows involving protected health information

Request BAA

Compliant

GDPR Compliant

Data Processing Agreement (DPA) available for EU customers. Data subject rights honored. Sub-processor list maintained and published. Lawful basis documented for all processing activities

Request DPA

Architecture

Security by design, not by configuration

The fundamental security property of Digital Hive is structural. A metadata-only architecture means there is no path for data to be exfiltrated through us - because we never hold it

  • Metadata only - no data movement: Reports and underlying data remain in native platforms. Digital Hive indexes titles, descriptions, ownership, certification status, and usage signals only. Nothing is copied or cached
  • Source permissions inherited automatically: Row-level security (RLS), object-level security (OLS), and workspace-level permissions defined in each BI platform are respected. Digital Hive never overwrites, escalates, or bypasses them
  • SSO and MFA: Enterprise authentication via SAML 2.0, OIDC, and Active Directory. MFA enforced at the identity provider. Sessions, scopes, and token lifetimes configured to your policy
  • Encryption at rest and in transit: AES-256 encryption for all data at rest. TLS 1.2 or higher for all data in transit. Keys managed through dedicated key management infrastructure
  • Complete audit trail: Every search, view, certification change, permission update, and administrative action is logged with timestamp, user identity, and full attribution. Exportable for SIEM integration
  • Least-privilege connector access: Connectors request only the read access required to index metadata. No write permissions are requested or granted to any source system

Ready to evaluate?

Security documentation available on request

SOC 2 Type II report, penetration test summaries, security questionnaire responses, and architecture documentation are available for qualified prospects under NDA