Security and Trust at Mozaiik
Mozaiik Wealth Tech Inc. builds a wealth technology platform for advisors and high net worth families. We handle sensitive financial and family information, and protecting that information is core to the product.
As an early stage company, we are actively building our security program and preparing for a SOC 2 examination. Mozaiik is not yet SOC 2 certified.
What we do today
Data residency goal
We are building Mozaiik on Canadian cloud infrastructure with the goal of keeping customer data resident in Canada.
Access controls
We follow the principle of least privilege. Access to systems and customer data is limited to those who need it, is approved, and is reviewed periodically.
Encryption
We use encryption in transit where supported by the applicable platform, and encryption at rest where supported by the underlying platform.
Vendor review
We review the vendors and subprocessors we rely on based on risk and the type of data they handle.
Incident response
We maintain an incident response process and a register to track and resolve security incidents.
Ongoing SOC 2 readiness
We are working through SOC 2 readiness and improving our controls as we grow.
Privacy program
Mozaiik maintains privacy practices intended to support Canadian advisory firms handling sensitive family, entity, estate, tax, and financial information. Our practices are designed to align with applicable Canadian privacy requirements, including PIPEDA where applicable.
Contact
Security questions or concerns can be sent to security@mozaiik.com. Privacy questions can be sent to privacy@mozaiik.com.