Security Overview

Hosting & Data Centers

• Platform infrastructure is hosted by Liquid Web, a SOC 2 and SOC 3 certified hosting provider with enterprise-grade data center facilities in the United States.
• Data centers feature physical access controls, biometric entry, 24/7 surveillance, redundant power, and environmental controls.
• Platform status is monitored and publicly available at status.triprism.com.

Cloud Storage

• Photographs and media assets are stored on Liquid Web S3-compatible object storage with server-side encryption at rest (AES-256).
• Access to stored files is controlled via time-limited signed URLs that expire after a configurable window (default: 24 hours).
• S3 bucket policies enforce least-privilege access — only the application service account has write access.

Network Security

• All data in transit is encrypted using TLS 1.2 or higher.
• HTTPS is enforced across all Platform domains with no fallback to unencrypted connections.
• Database connections are restricted to application servers only — no public database access is permitted.

Endpoint Protection

• All infrastructure endpoints are protected by enterprise-grade cybersecurity software with real-time threat detection, malware prevention, and automated remediation.
• Endpoint protection is centrally managed with continuous monitoring and alerting.

Authentication

• Passwords are stored using one-way cryptographic hashing — we never store plaintext passwords.
• Two-factor authentication (2FA) is available for all accounts via TOTP (authenticator app), email, or SMS verification.
• MFA is mandatory for TriPrism administrative access.
• Photographer account owners can enforce MFA for users in their own account from the account dashboard, based on their policy requirements.
• Configurable password expiry policies (30 to 365 days) with forced reset on next login.
• Per-username and per-IP rate limiting protects against brute force login attempts with automatic lockout after repeated failures.

Authorization

• Role-based access control (RBAC) with 10 distinct user roles, each with granular permission sets covering read, write, and execute tiers.
• Per-user permission overrides allow photographers to customize access beyond role defaults, including action-level sub-keys (create, delete, settings, graphics).
• Geographic scoping restricts data visibility for regional, area, and location-level users to their assigned organizational units.
• Session-based authentication with automatic expiry after 2 hours of inactivity.

Data Protection

• Cross-site request forgery (CSRF) protection on all form submissions.
• Input validation and output encoding to prevent injection attacks.
• Sensitive credentials (API keys, payment tokens) are encrypted at rest using application-level encryption.
• Database queries use parameterized statements to prevent SQL injection.

API Security

• Webhook endpoints (SendGrid, Twilio) verify cryptographic signatures to authenticate inbound requests.
• The API Integration Builder enforces SSRF protections — private IP ranges, internal hostnames, and metadata endpoints are blocked.
• Photographer-configured API integrations use encrypted credential storage and are validated at both save-time and runtime.

Audit Logging

• All administrative actions are recorded in an append-only audit log, including: who performed the action, what was changed, when, from where (IP address), and the outcome (success/failure).
• Risk-based classification automatically flags unusual activity patterns (e.g., high-volume deletions, off-hours access, privilege escalation) for immediate review.
• Per-photographer activity logs provide account-level audit trails accessible to photographer administrators.
• Audit logs are retained for a minimum of 7 years to support contractual, security, and regulatory obligations.

Monitoring & Alerting

• Automated alerts notify administrators of elevated and critical security events in real time.
• Login failure monitoring with configurable thresholds triggers alerts for potential brute force or credential stuffing attacks.
• 2FA failure monitoring detects and alerts on repeated authentication bypass attempts.
• Monthly vulnerability scanning is performed, with findings triaged and tracked to remediation and closure in our internal issue management system.
• Quarterly external perimeter/PCI-style scans are reviewed and actioned through the same remediation workflow.

Access Management

• Employee access to production systems follows the principle of least privilege.
• Administrative accounts are protected with mandatory two-factor authentication.
• Admin masquerade sessions (for support purposes) are logged with the original administrator’s identity preserved in the audit trail.
• Read-only admin roles are available for support staff who need to view but not modify photographer accounts.

• GDPR Tools: Built-in data search, export (CSV ZIP), and cascade-safe erasure across all data channels, with typed confirmation and dry-run impact preview.
• Suppression Lists: Per-photographer email and SMS suppression lists automatically populated by bounce/complaint processing. Checked before every outbound communication.
• Model Release Management: Digital consent capture with configurable templates, customer-facing revocation links, and audit trail.
• Gallery Access Control: Per-location gallery enable/disable, email allowlists, and configurable gallery code types.
• No Biometric Processing: PhotoTouch does not perform facial recognition, biometric template generation, or cross-photo identity matching on any photographs.
• No Advertising: We do not use cookies or tracking technologies for advertising purposes. No data is shared with advertising networks.

• Outbound emails are delivered via SendGrid with SPF, DKIM, and DMARC authentication to prevent spoofing and improve deliverability.
• Webhook signature verification ensures that delivery event data (opens, clicks, bounces) originates from legitimate sources.
• Bounce and complaint processing with automatic suppression prevents sending to invalid or complaining addresses.
• Configurable sending hours prevent outbound communications during off-hours, with timezone-aware scheduling.
• SMS delivery is tracked via Twilio webhooks with automatic suppression for undeliverable numbers and opt-outs.

Backup Infrastructure

• Automated database backups are performed on a regular schedule and stored in geographically separate off-site locations using enterprise backup infrastructure.
• Backup data is encrypted at rest and follows the same retention schedule as primary data.
• File-level and system-level backups are maintained independently of database backups to provide multiple recovery paths.

Recovery & Continuity

• Recovery procedures are tested periodically to verify that data can be restored within acceptable timeframes.
• Infrastructure is designed with redundancy at the network, compute, and storage layers to minimize the impact of hardware failures.
• Platform status and availability are monitored continuously with public reporting at status.triprism.com.

Periodic Reviews

• Scheduled compliance reviews are conducted at 30, 90, 180, and 365-day intervals covering audit log review, access verification, credential rotation, and integration audits.
• Each review produces a documented record of findings, action items, and the reviewer’s identity — forming an auditable evidence trail.
• Overdue reviews are automatically escalated with administrator notifications.

Compliance Frameworks

Third-party provider certifications are available through vendor trust portals. Platform assurance inquiries: security@triprism.com.

• Documented incident response plan with quarterly mock exercises and one annual live drill
• SOC 2 Type II attestation is in progress
• Monthly vulnerability scanning and tracked remediation are in operation
• Quarterly external perimeter/PCI-style scan review is in operation
• Independent third-party penetration testing is planned and not yet completed
• Cyber insurance is currently under evaluation

• We maintain a documented incident response plan covering identification, containment, eradication, recovery, and post-incident review.
• Security incidents affecting customer data are communicated to affected photographers without undue delay, including within 72 hours where required by applicable law (for example GDPR Article 33).
• Post-incident reviews are conducted to identify root causes and implement preventive measures.

If you discover a security vulnerability in the PhotoTouch platform, we encourage responsible disclosure. Please report vulnerabilities to:

Email

security@triprism.com

Please include a description of the vulnerability, steps to reproduce, and any supporting evidence. We will acknowledge receipt within 2 business days and work to address confirmed vulnerabilities promptly. We ask that you not publicly disclose the vulnerability until we have had a reasonable opportunity to address it.

For security inquiries, audit requests, or to report a concern:

Email

security@triprism.com

Company

TriPrism, Inc. dba PhotoTouch, Inc.

Address

San Diego, California, United States

Status Page

status.triprism.com