Security & Data Governance

KartaSoft is designed to meet the security and operational requirements of critical infrastructure operators. Our platform operates under SOC 2 aligned security controls covering data protection, system access management, infrastructure security, and operational monitoring.

These controls govern how data is handled across the KartaSoft environment, including authentication, encryption, access management, and audit logging. Customer data is protected using widely recognised industry security practices.

Customer data remains the property of the customer. KartaSoft processes operational and environmental data solely to generate analytical insights and predictive intelligence that support infrastructure risk identification and operational awareness.

KartaSoft operates as an analytical intelligence layer, analysing operational signals and environmental data to identify patterns of elevated infrastructure risk. The platform provides decision support information to assist operators in prioritising investigation and maintenance activities across complex infrastructure networks.

KartaSoft does not interact with, control, or modify customer infrastructure or operational control systems. The platform operates independently from SCADA and other control environments, ensuring operational systems remain fully isolated and under the customer’s control.

Security documentation and supporting materials are available to customers as part of standard vendor security and procurement review processes.

For more information, please refer to our Standard Terms and Conditions.