Security

Campaign data is sensitive. We treat it that way.

Mitria processes voter data, communication records, and strategic campaign information. We understand the responsibility that comes with handling this data and have built security into every layer of the platform.

Encryption Everywhere

All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption. API keys, tokens, and credentials are stored in dedicated secrets management systems, never in application code.

Access Control

Production systems use role-based access control with the principle of least privilege. All access is logged and auditable. Multi-factor authentication is enforced for all team members.

Infrastructure Isolation

Each campaign's data is logically isolated at the infrastructure level. There is no cross-campaign data access. Environments are segmented between development, staging, and production.

Compliance Safeguards

Built-in guardrails detect opt-out variants, block unsafe auto-replies, flag compliance-sensitive messages, and escalate threats or press inquiries. Approval workflows ensure humans review high-risk communications.

Operational Security Practices

  • Regular vulnerability scanning and dependency auditing across all services.
  • Incident response procedures with defined escalation paths and notification timelines.
  • All code changes go through peer review before deployment to production.
  • Infrastructure provisioned through code (IaC) to ensure consistency and auditability.
  • Automated monitoring and alerting for anomalous access patterns or system behavior.
  • Data backups with tested recovery procedures to protect against loss.

Report a Vulnerability

If you believe you have found a security vulnerability in Mitria, please report it responsibly. Contact us at security@mitria.com and we will respond within 48 hours.