Platform OverviewAccounting & FinanceCRM & SalesHR & PayrollInventory & WarehousingProjects & Work ManagementJob Costing
For Finance TeamsFor Sales TeamsFor Procurement TeamsFor HR TeamsFor Operations TeamsFor Executives
PricingCompare
FAQsImplementationSecurityBlogDocumentation
Log inGet Started

Security

Enterprise-grade security by default

Your business data deserves military-grade protection. Arkan is built from the ground up with 7 layers of data isolation, end-to-end encryption, and full compliance.

Security at Every Layer

From infrastructure to application logic, security is not an afterthought at Arkan.

Row-Level Isolation

Every database query is scoped to the active company. Data never leaks between tenants, even in shared infrastructure.

AES-256 Encryption

All data encrypted at rest with AES-256. In-transit encryption via TLS 1.3 for every API call and client connection.

Audit Trails

Every action is logged with user, timestamp, IP address, and changed values. Immutable audit logs for compliance.

RBAC & Permissions

Granular role-based access control with module-level, record-level, and field-level permission scoping.

SOC 2 Compliance

Infrastructure and processes aligned with SOC 2 Type II, GDPR, and GCC data residency requirements.

Azure Infrastructure

Hosted on Microsoft Azure with geo-redundant backups, auto-scaling, and 99.9% uptime SLA guarantee.

Data Isolation

7 layers of data isolation

Arkan implements defense-in-depth for multi-tenant data isolation. Even if one layer is bypassed, six more stand between your data and unauthorized access.

1

Company Scope Guard

Every API request is automatically scoped to the authenticated company context.

2

Database Row-Level Security

PostgreSQL RLS policies enforce data isolation at the database engine level.

3

Service-Layer Validation

Business logic services validate company ownership before every read and write.

4

API Gateway Filtering

Request middleware strips and validates company context before routing.

5

Tenant Context Propagation

Company context is cryptographically bound to the session token.

6

Query Builder Scoping

ORM-level automatic WHERE clauses ensure no cross-tenant data access.

7

Audit & Anomaly Detection

Real-time monitoring flags any cross-tenant access patterns.

1
Company Scope Guard
2
Database Row-Level Security
3
Service-Layer Validation
4
API Gateway Filtering
5
Tenant Context Propagation
6
Query Builder Scoping
7
Audit & Anomaly Detection

Encryption Standards

  • AES-256 encryption for all data at rest
  • TLS 1.3 for all data in transit
  • Encrypted database backups with geo-redundancy
  • Key rotation on a 90-day schedule
  • Zero-knowledge architecture for sensitive fields

Compliance & Certifications

  • SOC 2 Type II aligned processes
  • GDPR-compliant data handling
  • GCC data residency requirements met
  • ZATCA e-invoicing compliance
  • Regular third-party penetration testing

Security you can trust with your business

Request a detailed security whitepaper or schedule a call with our security team to discuss your requirements.