Security Brief

RecordLens Data Security and Access Management Brief

Overview: RecordLens is a project management platform designed specifically for enterprise utilities. We are committed to ensuring the highest level of security for your data, implementing stringent security measures, and following industry best practices. Below is an overview of the key components that make RecordLens a secure and reliable platform.

  1. SOC 2 Type 2 Certification (In Progress): We are currently undergoing the SOC 2 Type 2 audit process, which demonstrates our commitment to maintaining a strong control environment in the following areas: security, availability, processing integrity, confidentiality, and privacy. This certification will ensure that we are consistently maintaining secure practices over time.

    Visit our Trust Center to learn more about our certifications.

  2. Data Storage & Processing (AWS): RecordLens uses Amazon Web Services (AWS) for data storage and processing. AWS is widely recognized for its robust security features, including:

    • Encryption at Rest and In Transit: All data is encrypted using industry-standard protocols both while at rest and during transmission.

      • RDS databases are encrypted using AES-256 encryption, with automated backups configured to create regular, encrypted snapshots stored in a different region, ensuring disaster recovery capabilities.

      • All EC2 instances enforce TLS for secure inter-service communications within a gated VPC, ensuring encrypted data transmission across the network.

    • Regular Audits: AWS is fully compliant with top certifications and standards, including ISO 27001, SOC 2, and PCI DSS.

  3. Authentication & Access Control: RecordLens provides a range of authentication and access control features to enhance data security:

    • Password Policies: Customers can configure their own password strength and complexity requirements based on their organizational policies.

    • Two-Factor Authentication (2FA): We offer optional organization-wide 2FA for an additional layer of security during login.

    • Single Sign-On (SSO) Integration: We support SSO integration with your identity providers, making it easy to manage user access securely.

  4. Search Capabilities (Algolia): Algolia powers our search functionalities. It offers high performance while keeping security at the forefront, ensuring that customer data is never exposed through search queries. Algolia is fully compliant with GDPR, SOC 2, SOC 3, ISO 27001, and ISO 27017, and encryption is implemented across the platform.

  5. Mapping & Geolocation Services (Google Cloud): Our map services are powered by Google Cloud. Google Cloud is fully compliant with stringent security and privacy standards, including ISO/IEC 27001, SOC 1, 2, and 3, and GDPR compliance. Data involved in map rendering and geolocation is processed securely.

  6. Product Analytics (Mixpanel): For product analytics, we use Mixpanel to track and improve user experience. Mixpanel encrypts data both in transit and at rest. Mixpanel is fully compliant with GDPR, CCPA, SOC 2 Type II, ISO 27001, and ISO 27701.

  7. System Performance Tracking (Sentry): To ensure the reliability of our platform, RecordLens uses Sentry for performance monitoring. Sentry helps us identify and resolve performance issues quickly without compromising user privacy. All sensitive data is anonymized before being logged. Sentry is fully compliant with SOC 2 Type II and ISO 27001.

  8. Code Hosting (GitHub): Our code is hosted securely on GitHub, which employs industry-leading security measures, including 2FA, code signing, and encrypted repositories. GitHub is fully compliant with SOC 1, SOC 2, and ISO 27001.

  9. Mobile App Deployment:

    • Expo: RecordLens uses Expo to bundle and distribute mobile applications. Expo ensures security by offering regular updates and monitoring for vulnerabilities. Expo is fully compliant with SOC 2.

    • Google Play Console: Android apps are securely deployed through Google Play, which enforces a stringent review process for each release. Google Play Console operates under the Google Cloud umbrella, and thus includes full compliance with all Google Cloud certifications as listed above.

    • Apple App Store Connect: iOS apps are deployed through Apple's App Store Connect, following Apple's rigorous app review and security protocols. Apple is fully compliant with ISO 27001 and ISO 27018.

  10. Multi-Tenant Architecture & Collaboration: RecordLens operates on a multi-tenant architecture that facilitates seamless collaboration between utilities and their engineering and construction partners. This architecture allows multiple organizations to work within the platform while maintaining secure, isolated data environments.

    • Permission Schemas: RecordLens uses a detailed permission model at both the organization level and project level. Permissions are assigned using role-based access control (RBAC).

    • Role Assignment: At the organizational level, roles are created with defined read/write access permissions. Users are then assigned roles, granting them the permissions associated with that role.

    • Project-Level Collaboration: At the project level, customers can invite other users from other organizations to collaborate on projects. Contractors and partners are assigned roles that determine their read/write permissions, enabling secure and efficient project collaboration.

This system ensures that sensitive data is only accessible by those with the appropriate permissions, reducing the risk of unauthorized access while enabling external stakeholders, like contractors, to contribute effectively.

Conclusion: RecordLens takes a comprehensive, layered approach to security and access management, integrating best-in-class tools and practices to safeguard your data. With our multi-tenant architecture, role-based permissions, and secure third-party services, we offer a robust and secure environment for managing construction projects across multiple stakeholders. Our in-progress SOC 2 Type 2 certification process further demonstrates our commitment to the security, availability, and confidentiality of customer data. We welcome your IT department's collaboration to tailor our security features to meet your specific needs.

For further inquiries or details, feel free to contact us at support@recordlens.com