Secure Chain Logo
support@chainanalytik.com +44 7861 947887 +31 20 2254559

Cybersecurity Policy

Safeguarding your digital assets, sensitive data, and privacy with military-grade security protocols.

1. Purpose and Scope

At Secure Chain, dealing with compromised digital assets and sensitive forensic data demands the highest standard of cybersecurity. This policy outlines the technical, physical, and administrative safeguards we enforce to protect our clients' confidential information, transaction histories, wallet addresses, and our internal operational infrastructure.

This policy applies to all employees, contractors, partners, and third-party vendors working with Secure Chain.

2. Data Protection & Encryption

2.1 Data in Transit and at Rest

All client data, case files, and forensic reports are strictly encrypted both in transit and at rest. We utilize AES-256 encryption for stored data and TLS 1.3 protocols for all network communications. Unencrypted transmission of sensitive case data is strictly prohibited.

2.2 Secure Storage

Digital evidence and forensic ledgers are stored on highly secure, isolated servers with rigorous access controls. We utilize industry-leading cloud infrastructure providers that comply with SOC 2 Type II and ISO 27001 standards.

3. Access Control & Identity Management

3.1 Zero-Trust Architecture

Secure Chain operates on a Zero-Trust security model. No user or device is trusted by default, regardless of whether they are inside or outside our network perimeter. Continuous verification is required for all access requests.

3.2 Multi-Factor Authentication (MFA)

Strict Multi-Factor Authentication (MFA) is enforced across all company systems, communication channels, and databases. Hardware security keys are required for access to highly sensitive forensic environments.

3.3 Principle of Least Privilege

Staff and investigators are granted access only to the data and systems absolutely necessary for their specific roles. Access rights are reviewed and audited on a monthly basis.

4. Threat Detection & Vulnerability Management

4.1 Continuous Monitoring

Our internal networks and cloud environments are monitored 24/7/365 by automated Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) tools to identify and neutralize anomalous behavior instantly.

4.2 Penetration Testing

We conduct routine vulnerability scanning and contract independent, third-party cybersecurity firms to perform comprehensive penetration testing on our infrastructure at least bi-annually.

5. Incident Response Plan

In the highly unlikely event of a security breach or data compromise, Secure Chain maintains a strict Incident Response Plan (IRP):

  • Containment: Immediate isolation of affected systems to prevent lateral movement.
  • Eradication & Recovery: Removal of the threat and restoration of systems from secure, immutable backups.
  • Notification: Prompt notification to affected clients and relevant regulatory authorities in accordance with GDPR and applicable global data protection laws.

6. Employee Security Training

Human error is a primary vector for cyber threats. All Secure Chain personnel undergo rigorous cybersecurity training during onboarding, followed by mandatory quarterly refresher courses. This training focuses heavily on identifying advanced phishing attacks, social engineering tactics, and safe handling of cryptographic keys.

7. Contacting Our Security Team

If you believe you have discovered a vulnerability on our platform, or if you have questions regarding our security practices, we encourage you to contact our dedicated security team.

Email: support@chainanalytik.com (Please use the subject line "Security Inquiry")

Last Updated: March 2026