> ## Documentation Index
> Fetch the complete documentation index at: https://developer.fabric.inc/llms.txt
> Use this file to discover all available pages before exploring further.

# Data Security

fabric enforces strong security measures across its platform. This topic outlines key fabric security practices.

## Authentication and Access Control

Access to fabric systems is controlled and monitored.

* **Authentication:** All users must authenticate through secure login procedures. Multi-factor authentication is supported where applicable.
* **Access Control:** Role-based access control ensures users only have access to the data and actions that are relevant to their role. Permission can be scoped by:
  * **Tenant:** Restricts access to a specific customer or environment
  * **Module:** Restricts access to specific services or features.

## Data Encryption and Storage

fabric protects customer data through robust encryption practices and secure infrastructure.

* **Data at Rest:**
  * Encrypted using industry-standard algorithms such as AES-256.
  * Stored in secure cloud environments with restricted access controls.
  * Backups ensure data durability and support recovery.

* **Data in Transit:**
  * Secured using HTTPS and TLS 1.2 or higher.
  * Applies to all external and internal service communications.

* **Ongoing Security Monitoring:**
  * Continuous monitoring is in place to detect vulnerabilities in storage and infrastructure.
  * Infrastructure and services are reviewed to maintain compliance and security standards.

## Tenant Isolation

fabric enforces strict separation between tenants to ensure data integrity and privacy.

* Each tenant’s data is isolated at all levels of the platform.
* Access controls are implemented programmatically and enforced across services.
* Controls are reviewed to ensure consistent tenant separation.

## Monitoring, Auditing, and Incident Response

fabric actively monitors its systems to maintain platform security and ensure rapid response to potential issues.

* **Monitoring and Alerts:**
  * Continuous monitoring detects unauthorized access, anomalies, and system failures.
  * Real-time alerting systems notify teams of suspicious activity.

* **Auditing:**
  * All access logs and system changes are recorded and auditable.
  * Logs are retained based on internal data retention policies.

* **Incident Response:**
  * Defined procedures ensure rapid triage and remediation.
  * Relevant stakeholders are notified during incidents as part of the response process.

## Secure Software Development

fabric integrates security into every stage of the software development lifecycle.

* **Code Reviews:**
  * All code is reviewed for security vulnerabilities before deployment.

* **CI/CD Safeguards:**
  * Continuous integration and deployment (CI/CD) pipelines enforce automated build-time checks and security gates.

* **Developer Training:**
  * Developers receive ongoing training in secure coding practices and industry-standard security protocols.

## Regulatory Readiness and Data Governance

fabric implements data protection and privacy controls aligned with industry standards.

* **Data Protection Principles:**
  * Core practices such as encryption, access control, and secure storage are enforced across the platform.

* **Governance Policies:**
  * Internal policies define how customer data is collected, accessed, retained, and deleted in accordance with applicable laws and regulations.

* **Transparency and Accountability:**
  * fabric maintains clear processes for data handling and supports customer compliance with regional regulations, such as privacy and data residency requirements.
