Financial Services
Every change logged. Every call accounted for.
An append-only audit trail of who changed what, when and from where — with AES-256-GCM encryption, least-privilege roles and SSRF-safe integrations. Controls engineered to SOC 2 Type II and ISO 27001; certification in progress.
Audit trail by default
Accountability, built into every action.
The controls a regulator or internal-audit team asks for — engineered in, not added under deadline.
Append-only audit trail
Every sensitive write is logged with the actor, IP and user-agent — and phone, email, name and secrets are redacted in the log. Nothing material happens without a record.
Audit-trail report
Who changed what, when and from where — filterable by user, action, table and date range, and exportable for review and reconciliation.
Encryption everywhere
AES-256-GCM envelope encryption for recordings and every stored secret (SIP, TOTP, integration credentials); TLS in transit; env-only key management.
Roles, permissions & 2FA
Seven system roles and 50+ granular permissions with custom roles, TOTP 2FA, single-session enforcement and account lockout — least-privilege by default.
Strict tenant isolation
Every query is org-scoped at the data layer; a cross-organisation request returns “not found,” never a leak — isolation by default, not by convention.
SSRF-safe integrations
Wire TelVox into your core systems with lifecycle webhooks and an outbound API catalog — every outbound request gated by a per-org egress allow-list.
Control posture
- Audit trail on every write
- Who · what · when · where
- AES-256-GCM
- SOC 2-aligned
- ISO 27001-aligned
- SSRF-safe egress
Questions
Financial services FAQ
Every sensitive write is recorded append-only with the actor, IP address and user-agent, and the audit-trail report lets you filter by user, action, table and date — the who-changed-what-when-from-where record auditors and regulators expect. Sensitive fields are redacted in the log itself.
Not yet — TelVox's controls are engineered to SOC 2 Type II and ISO 27001 (structured security-event logging, change-management logging, encryption, access control), and we're actively pursuing formal certification. We can share our security overview and controls documentation under NDA.
AES-256-GCM envelope encryption protects recordings and all stored secrets, with TLS in transit. Access uses seven roles and 50+ permissions, TOTP 2FA and single-session enforcement, and every organisation's data is strictly isolated.
Deployment region and data-residency options depend on your environment — talk to us during the demo and we'll map it to your requirements rather than promise a region we can't commit to.
Bring internal audit to the demo.
We'll walk the audit trail, the change-management report and the access model end to end.