Security when it MATTRs
At MATTR, trust is at the heart of all we do – products, people, policies and processes.
We’ve embedded privacy, security and compliance out of the box, from cutting edge cryptography to 24/7 incident monitoring and a specialist Security Operations Centre team.
The MATTR Security Framework
Rigorous standards embedded across the entire business, including all production environments and deployment options.
Technical expertise
MATTR’s work is foundational to the digital identity business – we know it inside and out
Enterprise readiness
Our platform security is scalable and ready to enable enterprise level needs
24/7 monitoring
Always-on monitoring tools and a 24/7 incident management team detect possible threats in real time
Privacy first
Enhancing privacy and trust in digital transactions is fundamental to the MATTR approach
Industry-leading cryptography
We are at the forefront of cryptographic technologies and remain agile and responsive to ongoing security model considerations
Continuous improvement
Regular internal and external audits give you peace of mind that we’re always up to scratch
Technical agility backed by robust practices
The MATTR Security Framework (MSF) is based on the NIST Cybersecurity Framework, NIST 800-53 Security and Privacy Controls for Information Systems and Organisations, New Zealand Information Security Manual (NZISM) and Systems and Organisation Controls 2 (SOC 2) requirements.
We champion:
Future forward cyber security
MATTR has established a cryptographic standard, complimented by a cryptography and key management procedure. These specific controls are designed to protect the confidentiality, integrity, and authenticity of MATTR’s IT infrastructure.
The MATTR network is protected using an Amazon Virtual Private Cloud (VPC) environment. Strict protocols are followed to ensure that our products are secure and any threats are mitigated.
Privacy first
Enhancing privacy and trust in digital transactions is a fundamental MATTR principle. All data is classified according to its sensitivity and handled accordingly.
We work on a principle of least privilege policy to minimise the risk of breaches or malicious activity. Access to non-public data is strictly limited. Where possible, access to sensitive data is protected by multi-factor authentication or the use of a VPN connection.
People who care
Our security procedures encompass how we work, who we work with, the internal policies we set and the technology we use.
All MATTR staff are trained on security awareness, risk management, acceptable use and other related topics as part of the onboarding process. We instil and nurture a culture of integrity and ethical conduct among all employees from the outset.
Ongoing risk management
Risk management is embedded in the way we work.
Regular internal and external audits assess and mediate risks across relevant systems and their applicable controls, policies and procedures and any regulatory, legal or contractual requirements.
Independently audited and accredited
SOC2
SOC2 is a compliance standard that measures how organisations manage customer data across several Trust Services Criteria: security, availability, processing integrity, confidentiality and privacy.
Cyber Essentials Certified Plus
Backed by the UK government, Cyber Essentials certification includes technical verification to ensure organisations are protected against a wide range of common cyber attacks.
Independently audited code
Security research firm Trail of Bits has conducted an independent, third-party audit of our code.
Questions about security?
Want to know more about how MATTR’s security practices can protect and enable your business? We can tailor solutions to your specific needs – talk to us today.