Security

Cloud-native security built for bank-grade controls.

OgmaCore is a fully cloud-hosted, multi-tenant platform designed around strong data isolation, encryption, and auditable access. Controls are aligned to what credit, risk, and InfoSec teams typically expect: least-privilege access, tenant scoping, end-to-end logging, and secure handling of sensitive borrower data.

Cloud-hosted with strong isolation

OgmaCore is delivered as a managed cloud service. All data access is tenant-scoped to prevent cross-tenant visibility, with strict server-side enforcement across APIs, storage, and workflows.

Encryption in transit and at rest

TLS is used for data in transit. Data at rest is encrypted using industry-standard mechanisms, including encryption for stored documents and database records.

Tenant scoping & row-level authorization

Every request is evaluated against tenant context (and role) before any read/write occurs. Authorization is enforced server-side so UI state alone can’t grant access.

Role-based access control

Designed for least privilege and clear separation of duties across credit analysts, approvers, administrators, and read-only reviewers.

Audit logging & traceability

Key user actions and workflow events are logged to support governance, incident response, and audit reviews (e.g., who accessed what, when, and what changed).

Secure document & image handling

Uploaded files are stored privately. Access is controlled and time-bound (e.g., signed URLs), reducing the risk of unintended sharing while keeping workflows fast.

Secrets management

Credentials and sensitive configuration values are not hard-coded. Secrets are managed using secure runtime configuration and rotated according to best practice.

Resilience, backups, and recovery

Platform components are designed for high availability, with backups and recovery procedures to support operational continuity.

What your InfoSec team can validate

  • Encryption in transit (TLS) and encryption at rest for stored data
  • Strict tenant isolation and server-enforced authorization
  • RBAC aligned to least privilege and separation of duties
  • Audit logs for access, changes, and key workflow events
  • Private storage for documents/images with controlled access
  • Secure secrets handling and operational hardening practices

Important note

OgmaCore provides analytical tools only. It does not provide financial, credit, legal, or investment advice. All credit decisions remain the sole responsibility of the financial institution and its personnel.