Security

Last updated: 13 March 2026

Security and reliability are core priorities at Crowswatch. The platform is designed with modern infrastructure, strong encryption, and operational practices that protect your data and keep the service available. This page outlines our approach.

Security principles

Crowswatch is built with security, reliability, and transparency in mind. We follow the principle of least privilege across our systems, encrypt sensitive data at rest and in transit, and design our architecture to minimise the attack surface. Security is not an afterthought. It is part of how we build and operate the platform.

Infrastructure security

The Crowswatch service is hosted on secure cloud infrastructure with modern security controls. Our infrastructure includes network-level protections such as firewalls, traffic filtering, and DDoS mitigation. Systems are kept up to date with security patches and are monitored for anomalous activity.

Production environments are isolated from development and staging systems. Administrative access to infrastructure is restricted, audited, and requires multi-factor authentication.

Encryption

All data in transit between your browser and the Crowswatch service is protected using HTTPS with TLS. API credentials and integration tokens that you store in Crowswatch are encrypted at rest using AES-256-GCM with unique initialisation vectors. Encrypted values are only decrypted server-side, immediately before use, and are never exposed to client-side code, logged, or included in API responses.

Access control

Access to Crowswatch systems and infrastructure is restricted to authorised personnel and follows the principle of least privilege. All administrative access requires multi-factor authentication and is logged for audit purposes.

Within the application, all database tables are protected by row-level security policies that restrict access to users within their own team. Write operations are gated by role-based permissions, and user identity is always derived from the authenticated session, never from client-supplied values.

Service monitoring

The Crowswatch platform is continuously monitored for availability, performance, and abnormal behaviour. We use automated alerting to detect outages, elevated error rates, and unusual access patterns. When issues are detected, our team is notified immediately so we can investigate and respond quickly.

Responsible disclosure

We value the work of security researchers and welcome responsible disclosure of vulnerabilities. If you believe you have found a security issue in the Crowswatch platform, please report it to us so we can investigate and address it.

Please send reports to security@crowswatch.io with a clear description of the issue, steps to reproduce it, and any supporting evidence. We ask that you give us reasonable time to investigate and resolve the issue before making any public disclosure.

All responsible disclosures will be investigated promptly. We appreciate your help in keeping Crowswatch and our users safe.

Data protection

For details on how we collect, use, store, and protect your personal information, including your rights under applicable data protection laws, please refer to our Privacy Policy.

Compliance and continuous improvement

Our security practices are reviewed and improved on an ongoing basis as the platform evolves. We regularly assess our infrastructure, review access controls, and update our processes to reflect current best practices and emerging threats. As Crowswatch grows, we are committed to pursuing formal security certifications and third-party audits to provide additional assurance to our users.

Contact

If you have questions about our security practices, please contact us at security@crowswatch.io.