
Security Policy

At Stonerose, tenant isolation and data safety are non-negotiable core principles of our architecture.

Controls

  • Environment Isolation: We implement a "DB-per-client" model for initial rollout, ensuring that each organization has its own dedicated PostgreSQL database and Power BI workspace to prevent cross-tenant data leakage.
  • Defense-in-Depth RLS: Security is enforced at multiple layers. We utilize industrial-grade Row-Level Security (RLS) in both the PostgreSQL database and the Power BI semantic model to strictly filter data by verified user identity.
  • Identity Integrity: Access is controlled via email verification, admin approval, and TOTP 2FA. All user identities and tenant scopes are derived server-side from validated session tokens; client-supplied IDs are never trusted, which prevents spoofing.
  • Mala AI Guardrails: Our AI assistant only interacts with curated, aggregated views. No raw transactional rows are ever sent to the Large Language Model (LLM), and sensitive identifiers (e.g., bank account numbers) are explicitly stripped via a column whitelist.
  • Encryption: All data is protected by industry-standard encryption at rest (AES) and in transit (TLS).
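The following is an added illustration of how the RLS and AI-guardrail controls above fit together in PostgreSQL; it is not Stonerose's own schema, and the table, view, role and setting names (`transactions`, `ai_monthly_totals`, `app_user`, `ai_reader`, `app.tenant_id`) are assumptions. The tenant scope comes only from a server-set session variable, and an unscoped session sees no rows rather than all of them.

```sql
-- Illustrative schema (assumed names, not Stonerose's actual tables).
CREATE TABLE transactions (
    id            bigserial PRIMARY KEY,
    tenant_id     uuid NOT NULL,
    bank_account  text NOT NULL,          -- sensitive: never exposed to the LLM
    amount        numeric(14,2) NOT NULL,
    posted_on     date NOT NULL
);

-- Application role: no superuser, no BYPASSRLS, so policies always apply.
CREATE ROLE app_user NOLOGIN NOBYPASSRLS;
GRANT SELECT ON transactions TO app_user;

ALTER TABLE transactions ENABLE ROW LEVEL SECURITY;
ALTER TABLE transactions FORCE  ROW LEVEL SECURITY;  -- applies even to the table owner

-- A row is visible only when its tenant_id equals the scope the backend placed
-- in the session variable after validating the session token.
-- current_setting(..., true) returns NULL when the variable is unset; NULL::uuid
-- compares as "not true", so an unscoped session gets zero rows (fail closed).
CREATE POLICY tenant_isolation ON transactions
    FOR SELECT TO app_user
    USING (tenant_id = current_setting('app.tenant_id', true)::uuid);

-- Column whitelist for the AI assistant: an aggregated view that omits the
-- sensitive identifier entirely. The AI role is granted the view, not the table,
-- and the view inherits the tenant policy because it reads through it.
CREATE VIEW ai_monthly_totals WITH (security_invoker = true) AS
    SELECT tenant_id,
           date_trunc('month', posted_on)::date AS month,
           count(*)                             AS txn_count,
           sum(amount)                          AS total_amount
    FROM   transactions
    GROUP  BY tenant_id, date_trunc('month', posted_on);

CREATE ROLE ai_reader NOLOGIN NOBYPASSRLS;
GRANT SELECT ON ai_monthly_totals TO ai_reader;
GRANT app_user TO ai_reader;   -- so the tenant_isolation policy covers the AI role

-- Per request, after validating the session token, the backend runs inside a
-- transaction (SET LOCAL reverts at COMMIT, so a pooled connection cannot carry
-- one tenant's scope into the next request):
BEGIN;
SET LOCAL ROLE app_user;
SET LOCAL app.tenant_id = '11111111-1111-1111-1111-111111111111';  -- from the session, never the client
SELECT count(*) FROM transactions;          -- only this tenant's rows
COMMIT;
```

`security_invoker` on views requires PostgreSQL 15 or later; on older releases the view runs with the owner's privileges, so the owner itself must also be subject to the policy for the tenant filter to hold.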

Operational Practices

  • Auditability: We maintain comprehensive audit trails for all sensitive operations, including data exports, administrative changes, and Mala AI conversations.
  • Data Lifecycle Management: To minimize the data footprint, raw file uploads (CSV/XLSX) are automatically deleted after 90 days under a lifecycle policy.
  • Backups & Recovery: We perform nightly encrypted backups (pg_dump) of each client database, with a retention period of 30–60 days for disaster recovery.
  • Secret Management: All connection strings, API keys, and service principal credentials are stored securely in Azure Key Vault, never in source code.

Customer Responsibilities

  • Credential Discipline: Users must maintain strong, unique credentials and utilize 2FA where enabled.
  • Scoped Access Management: Org Admins are responsible for the governance of their users, including managing invitations and ensuring only authorized personnel have access to specific reporting entities.
  • Secure Exports: Users are responsible for the internal handling of any PDF files generated by the export service.
  • Prompt Reporting: Customers must report any suspected unauthorized access or potential security issues immediately to info@stonerosetreasury.co.uk.