Daxor ERP — AI-native ERP, founded 2024 · built in BengaluruLearn more
Security

Enterprise security, no compromises.

Your data stays in your cloud tenant — by architecture, not just policy.

ISO 27001 Certified
Zero-access architecture
Immutable audit logs
Single-tenant deployment

Security model

Four-layer defence in depth.

Data Encryption

All data encrypted at rest (AES-256) and in transit (TLS 1.3). Encryption keys are managed in your Azure Key Vault or AWS KMS — Daxor staff have zero access.

  • AES-256 at rest
  • TLS 1.3 in transit
  • Customer-managed keys (BYOK)
  • Database-level column encryption for PII

Access Control

Role-based access control enforced at every layer. SSO via Azure AD, Okta, or Google Workspace. MFA mandatory for all privileged accounts.

  • RBAC + attribute-based policies
  • SSO with SAML 2.0 / OIDC
  • MFA enforced for admin roles
  • Session timeout & IP allowlisting

Audit & Compliance

Immutable audit logs for every action — who read what, when, and from where. Tamper-proof, stored separately from operational data.

  • Immutable audit trail (all actions)
  • SOC 2 Type II (in progress)
  • ISO 27001 certified
  • GDPR & DPDPA compliant

Infrastructure Security

Deployed in your cloud tenant — your data never leaves your VPC. Regular penetration tests by independent third parties.

  • Single-tenant deployment
  • VPC / private networking only
  • Annual third-party pen tests
  • Vulnerability scanning (weekly)

Compliance

Certifications & standards.

ISO 27001

Certified

Information Security Management

SOC 2 Type II

In Progress

Security & Availability

GDPR

Compliant

EU Data Protection

DPDPA 2023

Compliant

India Data Protection Act

GST / TDS

Compliant

India Tax Compliance

Ind AS / IFRS

Compliant

Accounting Standards

Incident response

SLA-backed response times.

SeverityResponse SLAExamples
Critical< 1 hourData breach, complete outage
High< 4 hoursPartial outage, auth failure
Medium< 24 hoursPerformance degradation
Low< 72 hoursUI bugs, minor feature issues

Need our security documentation?

We provide a full security pack including pen test reports, ISO certificate, and data processing agreements on request.

Request security pack