Security
VaultBridgeFO stores some of the most sensitive personal and financial data that exists. Here is exactly how we protect it.
AES-256-GCM Encryption at Rest
Sensitive profile fields — Social Security numbers, dates of birth, EINs, and all financial data — are individually encrypted using AES-256-GCM via the Web Crypto API before being written to the database. Even in the event of a database breach, this data is unreadable without the encryption keys.
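Per-field AES-256-GCM with the Web Crypto API can look like the following. This is an added example, not VaultBridgeFO's code. The function names, the `v1.` storage envelope, and the choice to bind the record id and column name as additional authenticated data are assumptions made for illustration.

```javascript
// Added example: field-level AES-256-GCM using the Web Crypto API.
// importFieldKey, encryptField, decryptField and the "v1." envelope are hypothetical names.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto;
const enc = new TextEncoder();
const dec = new TextDecoder();
const toB64 = (u8) => btoa(String.fromCharCode(...u8));
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// Import a raw 32-byte key as a non-extractable AES-GCM key.
async function importFieldKey(rawKey) {
  if (rawKey.byteLength !== 32) throw new Error("AES-256 needs a 32-byte key");
  return wc.subtle.importKey("raw", rawKey, { name: "AES-GCM" }, false, ["encrypt", "decrypt"]);
}

// Encrypt one field value. The record id and column name are passed as
// additional authenticated data (AAD), so a ciphertext copied into another
// row or column fails authentication when it is decrypted there.
async function encryptField(key, recordId, column, plaintext) {
  const aad = enc.encode(`${recordId}|${column}`);
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh 96-bit nonce per value
  const ct = await wc.subtle.encrypt(
    { name: "AES-GCM", iv, additionalData: aad, tagLength: 128 },
    key, enc.encode(plaintext));
  return `v1.${toB64(iv)}.${toB64(new Uint8Array(ct))}`; // value stored in the column
}

// Decrypt a stored value. Throws if the envelope, tag, or AAD does not match.
async function decryptField(key, recordId, column, stored) {
  const [ver, ivB64, ctB64] = stored.split(".");
  if (ver !== "v1" || !ivB64 || !ctB64) throw new Error("unrecognised envelope");
  const pt = await wc.subtle.decrypt(
    { name: "AES-GCM", iv: fromB64(ivB64), additionalData: enc.encode(`${recordId}|${column}`), tagLength: 128 },
    key, fromB64(ctB64));
  return dec.decode(pt);
}
```

The GCM tag makes any modification of the stored value detectable, and the random nonce means identical plaintexts produce different ciphertexts, so equal values cannot be spotted by comparing columns.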
TLS Encryption in Transit
All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher. No sensitive information travels over unencrypted connections.
Cloudflare Infrastructure
VaultBridgeFO runs entirely on Cloudflare's global network — including Cloudflare Pages, D1 (our database), and R2 (file storage). This means enterprise-grade DDoS protection, a global content delivery network, and data stored in Cloudflare's secure, SOC 2-compliant infrastructure.
Granular Access Controls
You decide exactly what each professional can see. Document categories can be individually blocked per advisor — your CPA can access tax documents without seeing your insurance or estate files. Permissions can be changed or revoked at any time.
Authenticated Access Only
Every API route and page requires an active authenticated session. Professionals can only access clients who have explicitly assigned them. Clients can only access their own data. There are no publicly accessible data endpoints.
File Validation
All uploaded files are validated server-side for file type, extension, and size. Path traversal attacks and malicious file uploads are blocked at the API layer before any file is accepted.
No Third-Party Data Sharing
Your documents and profile data are never sold, shared with data brokers, or used for advertising. The only third-party service that processes content is AI document analysis — which is opt-in and used solely to help populate your own profile fields.
Activity Logging
All significant actions on your account — document uploads, profile changes, professional access — are recorded in an activity log visible to you at all times. You always know who has done what on your account.
Found a security issue?
If you believe you've found a security vulnerability in VaultBridgeFO, please report it responsibly by emailing admin@vaultbridgefo.com. We take all security reports seriously and will respond promptly. Please do not publicly disclose the issue until we've had a chance to investigate and address it.