Infrastructure Security
Security Architecture
Forevue is built on the assumption that every byte of data it touches is sensitive. Our security architecture implements controls aligned with criminal justice information security standards as a best-practice measure.
Security Posture
Encryption: AES-256 / TLS 1.2+Audit Log: EnabledAccess Control: RBAC Enforced
01
Infrastructure
Cloud ProviderGoogle Cloud Platform (FedRAMP authorized)
ComputeGoogle Cloud Run (serverless, auto-scaling)
DatabaseManaged cloud database (replicated, US data residency)
CDNGoogle Global Edge Network
RegionUS-Central1 (Iowa), configured for US data residency
02
Encryption
In TransitTLS 1.2+ enforced on all endpoints
At RestAES-256 encryption for all stored data
PII FieldsApplication-level encryption for SSN, DOB, DL#
Key ManagementGoogle Cloud KMS with automatic rotation
Questionnaire LinksCryptographic token-based, single-use capable
03
Access Control
AuthenticationMulti-factor authentication support
AuthorizationRole-based access (Super Admin, Agency Admin, Investigator)
Agency IsolationPlatform security rules enforce cross-agency data segregation
Session ManagementSecure, httpOnly cookies with automatic expiration
API SecurityAuthenticated endpoints with rate limiting
04
Audit & Compliance
Audit TrailsFull read/write logging on all PII access
CJIS AlignmentArchitecture implements controls aligned with CJIS Security Policy as a best-practice measure
Data RetentionConfigurable per agency, automatic purge on expiration
Incident ResponseDocumented incident response plan with 24hr notification
Penetration TestingScheduled third-party security assessments
Responsible Disclosure
If you believe you have discovered a security vulnerability in Forevue, we encourage responsible disclosure. Please report findings to hello@forevueinsights.com. We commit to acknowledging reports within 24 hours and providing status updates within 72 hours.