16: Security & Compliance
      Back to home
      1. Home
      2. 16: Security & Compliance

      Rayven Security Architecture Overview

      An overview of the platform’s enterprise-grade security features and infrastructure

      Overview

      Rayven is built with security as a core pillar. Whether you're building internal tools, external customer-facing applications, or integrating with sensitive systems, the platform provides a comprehensive set of security features to protect your data, manage user access, and ensure system resilience. This page provides an overview of the key elements of Rayven’s security architecture and the built-in measures that support secure deployment and operations.

      Platform Security Principles

      Rayven’s security architecture is structured around five key principles:

      1. Data Protection: Ensuring the confidentiality, integrity, and availability of data—whether in transit, at rest, or in use.

      2. Access Control: Robust user authentication, role-based access control, and support for private cloud deployments.

      3. System Resilience: High availability architecture that eliminates single points of failure.

      4. Monitoring & Auditability: Security event monitoring, incident response workflows, and data flow anomaly detection.

      5. Customer Control & Ownership: Customers retain full ownership of their data and control how it is accessed and retained.

      Core Security Features

      Data Encryption

      Rayven encrypts all data:

      • In Transit:

        • Device to Cloud: SHA-256 with RSA encryption (device-dependent)

        • End-User to Cloud: 256-bit SSL

      • At Rest:

        • Workflow and system data encrypted using AES-256

        • Passwords encrypted with one-way SHA256

        • User data encrypted using Triple DES

      Authentication & Access Control

      • Workspace Access: Username/password, role-based permissions, and optional multifactor authentication (MFA) for enterprise customers.

      • API Security:

        • Token-based authentication

        • Support for bearer tokens

        • Optional certificate-based device authentication (for enterprise customers)

      • Single Sign-On (SSO): Available on request for enterprise users

      • Password Policies: Minimum length and complexity requirements (uppercase, lowercase, number, special character)

      High Availability & Infrastructure Resilience

      Rayven’s infrastructure is built to eliminate single points of failure and is hosted on Microsoft Azure, benefiting from its enterprise-grade reliability and security.

      • Geo-Redundant Storage: Ensures data durability and availability

      • Azure Security Center Integration:

        • Monitors for risks and provides recommendations

        • Uses JIT VM access, alerts, and policy enforcement tools

      Backup & Disaster Recovery

      • Automated Azure Backups:

        • Daily backups with 60-day retention

        • Weekly and monthly backups retained for 1 and 3 years respectively

      • Backup Scope: Includes full image backups of all IaaS virtual machines

      • Recovery: Data loss risk is minimised with rapid recovery options

      Supported Security Protocols

      Rayven’s platform and services support:

      • TLS Handshake and TLS Record Protocols

      • SSL encryption for front-end interactions

      • Certificate-based authentication for devices

      • VPN access for private cloud customers

      • Secure file transfer via SFTP

      • Role-Based Access Control (RBAC) within Azure

      • Azure Policy and Resource Locks for platform protection

      Data Ownership & Control

      Rayven customers maintain full control over their data:

      • Privacy: Data is never shared or sold without consent

      • Access Methods:

        • API access (authenticated)

        • VPN-secured access (private cloud)

        • CSV exports, SQL import, and other custom access methods

      • Customer-Defined Retention: You control how long data is stored and what is deleted

      Summary

      Rayven’s security architecture is designed to meet enterprise demands for data protection, system reliability, and user control. It leverages best-in-class Azure infrastructure and provides all the necessary controls to help customers build secure, compliant applications confidently.

      FAQs

      How is data secured during transmission?
      Data is encrypted using SSL/TLS for all interactions, and SHA-256 with RSA encryption for device communications where applicable.

      Can Rayven support private cloud deployments?
      Yes. Rayven supports private cloud environments with enhanced controls including VPN access and at-rest database encryption.

      What authentication methods are available for API access?
      Rayven supports token-based authentication, username/password, and optional certificate-based methods.

      Does Rayven support single sign-on (SSO)?
      Yes, SSO can be configured upon request for enterprise accounts.

      What happens if a server or region goes down?
      Rayven’s infrastructure is designed with no single point of failure. Data and services are replicated across regions and can be scaled or recovered without downtime.

      How does Rayven protect against unauthorised access?
      Strict role-based access, password policies, multi-factor authentication, and real-time monitoring help prevent unauthorised access.

      Who owns the data in a Rayven application?
      The customer always owns the data. You decide how it is used, who can access it, and how long it is retained.