Security
Our Commitment
At Veteran Vectors, security is foundational — not an afterthought. As a veteran-owned company serving defense contractors, financial services firms, and compliance-focused SMBs, we hold ourselves to the same standards we help our clients achieve.
Data Handling
- ✓All client data is encrypted in transit (TLS 1.2+) and at rest
- ✓Client credentials and API keys are stored in secure, access-controlled vaults — never in code, logs, or shared documents
- ✓We follow the principle of least privilege: team members and automations only access the data required for their specific function
- ✓Client data is never used to train AI models or shared with third parties without explicit written consent
Infrastructure & Access Controls
- ✓Multi-factor authentication (MFA) enforced on all internal systems and client-facing tools
- ✓Automation workflows are deployed in isolated environments with scoped permissions
- ✓Webhook endpoints use token-based authentication and IP allowlisting where supported
- ✓Regular access reviews ensure credentials are rotated and unused permissions are revoked
Compliance Alignment
- ✓Automation solutions designed to maintain CMMC and NIST 800-171 compliance for defense industry clients
- ✓SOC 2 and HIPAA considerations built into workflows for clients in regulated industries
- ✓Non-disclosure agreements (NDAs) executed upon request for all client engagements
- ✓Audit trails maintained for automation actions that touch sensitive data
AI Safety
- ✓AI-generated outputs are validated before acting on business-critical decisions
- ✓Human-in-the-loop review is configured for high-stakes automation workflows
- ✓Prompts and AI inputs are sanitized to prevent injection attacks
- ✓Error handling and fallback mechanisms ensure automations fail safely rather than silently
Reporting a Security Concern
If you discover a security issue or have questions about our practices, contact us at [email protected]. We take all reports seriously and will respond within 48 hours.