Security
Enterprise-grade security, by default
Data protection isn't an add-on at Cadence — it's foundational. Every layer of the platform is designed to keep your organisation's data isolated, encrypted, and secure.
Core protections
Built secure from day one
Security is embedded into every layer of Cadence — from database to API to application.
Complete Data Isolation
Every organisation's data is completely separate. Tenant-level isolation at the database, API, and application layers ensures no data leakage between accounts.
Encryption Everywhere
All data is encrypted in transit (TLS 1.2+) and at rest. Sensitive information is protected end-to-end across the entire platform.
Multi-Factor Authentication
Secure login with multi-factor authentication, session management with automatic expiry, and token rotation to protect every account.
Role-Based Access Control
Granular permissions for executives, executive assistants, tenant admins, and platform admins. Every user sees only what they need to.
Zero Credential Exposure
All secrets and credentials are managed in a dedicated vault — never stored in code, configuration files, or application logs.
Secure Integrations
Calendar sync and external connections are protected with strict validation and allow-listing. Webhook notifications are cryptographically signed for authenticity.
Infrastructure
Hosted on Microsoft Azure
Cadence runs on Microsoft Azure with enterprise-grade infrastructure security and clear data residency.
EU Data Residency
All data hosted in Azure West Europe (Netherlands). No data is transferred outside the EU for processing or storage.
Credential-Free Infrastructure
Internal services authenticate without stored passwords or API keys. Infrastructure access is managed by the platform itself — no credentials to leak.
Continuous Monitoring
Platform health is monitored around the clock with scoped, time-limited access to diagnostics. No production data is exposed during monitoring.
Ongoing practices
Security is continuous, not a checkbox
We invest in proactive security testing and access controls to stay ahead of threats.
Monthly Penetration Testing
We conduct monthly penetration tests against the Cadence platform to identify and remediate vulnerabilities before they become risks. Results are reviewed by the engineering team and findings are addressed within defined SLAs.
Single Sign-On (SSO)
SSO is available on Professional and Enterprise plans, allowing your team to authenticate through your existing identity provider. Centralised access management reduces credential sprawl and improves security posture.
EU Data Residency
All customer data resides in the European Union (Azure West Europe, Netherlands). No data is transferred outside the EU for processing or storage.
Dependency & Vulnerability Scanning
Automated vulnerability scanning runs against every code change and dependency update. Known vulnerabilities are flagged and patched before they reach production.
Questions about security?
We are happy to walk through our security approach, share our policies, or discuss specific compliance requirements for your organisation.