Trust & Security

Last updated: June 11, 2026

1. Infrastructure & Data Location

The Mediacast cloud platform runs on Amazon Web Services in the United States (us-east-1), in a dedicated production account isolated from development and corporate workloads. Data is encrypted in transit (TLS) and at rest (encrypted databases and object storage). Production databases are deletion-protected, run across multiple availability zones, and maintain continuous point-in-time-recovery backups whose restore procedure is exercised on a recurring drill cadence — not just configured.

2. Tenant Isolation

Mediacast is multi-tenant by design, with isolation enforced in depth rather than by convention:

• Every database table carries tenant ownership enforced by PostgreSQL row-level security, and tenant-isolation behavior is exercised by automated integration tests on every code change.
• Each tenant has its own identity realm and its own cryptographic signing keys; key material is stored in a managed secrets vault, never in application databases, and production refuses to start in any configuration that would weaken this.
• On-premises edge deployments connect over per-tenant WireGuard tunnels with per-tenant key pairs — compromise of one tenant’s tunnel cannot reach another’s.
• Backend services are not reachable from the internet; all traffic enters through a single hardened API gateway, and east-west traffic inside the platform is restricted by network policy.

3. Identity & Access

Authentication is OpenID Connect, brokered by a dedicated identity service. Customer organizations can federate their own identity provider (Okta, Microsoft Entra ID, and other SAML/OIDC providers) so their users authenticate under their own policies. Access tokens are short-lived and scope-limited; guest access (for example, suite-holder controls) uses time-bound, device-bound, revocable tokens rather than shared credentials.

4. Engineering Practice

Security is enforced by machinery in our development process, not by memory:

• All code reaches production through reviewed pull requests with required, passing continuous integration — direct pushes to release branches are blocked organization-wide.
• Automated secrets scanning runs on every change.
• Integration tests covering tenant isolation, authentication, and messaging run on every pull request.
• Administrative and control actions are audit-logged.
• Architectural and security decisions are recorded in a maintained decision log, and known limitations are tracked in dated, reviewed ledgers rather than left implicit.

5. Subprocessors

Customer data is processed by the following infrastructure subprocessors:

• Amazon Web Services — cloud infrastructure (United States, us-east-1)
• Cloudflare — DNS and content delivery

We will update this list before adding any subprocessor that processes customer data.

6. Certifications & Roadmap

Mediacast has not yet completed formal third-party certifications. Our control environment — access management, audit logging, change management, encryption, and incident response — is built to be audit-ready, and a SOC 2 program is on our roadmap. Customers with security questionnaires or review requirements are welcome to engage us directly; we answer them with current, accurate detail rather than boilerplate.

7. Reporting a Vulnerability

If you believe you have found a security issue in any Mediacast product or service, please contact us and we will respond promptly: