Built for regulated industries across North America
The General Consulting Company works with financial institutions, fintechs, and organizations that take data security seriously. Our infrastructure, access controls, and data handling practices are designed to meet the expectations of compliance and IT teams.
Your Data Stays In Your Country
Every client organization is assigned a dedicated data region at onboarding. Canadian clients default to AWS ca-central-1 (Montreal). American clients are hosted in AWS us-east-1 (Virginia). Data region is enforced at the infrastructure level on Amazon Web Services, not application logic, and no data is commingled between organizations.
Infrastructure
The General Consulting Company runs on Amazon Web Services. All compute (EC2), databases (RDS), and object storage (S3) inherit the compliance controls of AWS infrastructure, which maintains SOC 2 Type II, ISO 27001, ISO 27017, and ISO 27018 certifications.
Data is encrypted at rest using AES-256 via AWS server-side encryption and in transit using TLS 1.2+. All storage buckets in S3 enforce least-privilege access with public access fully blocked.
Authentication & Access
Users authenticate through their existing Microsoft or Google identity provider via single sign-on (SSO). Multi-factor authentication (2FA) is enforced through the identity provider.
Access is scoped by organization such that users only see data belonging to their own institution in Solarium. Role-based permissions control what each user can view and modify within their organization.
Document & Media Security
All file access is authenticated and time-bounded on S3, hosted on Amazon Web Services. Documents, recordings, and transcripts are served through presigned URLs that expire after one hour. No client content is accessible through persistent or public URLs.
Backups & Recovery
All client data is backed up automatically on RDS and S3. Database snapshots support point-in-time recovery and object storage is versioned, ensuring accidental deletions or overwrites are recoverable. Backups are stored within the same data region as the primary data on Amazon Web Services.
Privacy
The General Consulting Company's data handling practices are aligned with PIPEDA and applicable privacy regulations in the jurisdictions where our clients operate. Client data is used solely to deliver the contracted service. No client data is used for AI model training or shared with third parties.
Questions about the General Consulting Company's security posture? Reach out at [email protected]