You are trusting Osprey with EINs, SSNs, and your family's financial data. We protect it with field-level encryption, strong authentication, and complete audit logging — on every plan.
Sensitive identifiers like EINs and SSNs are encrypted with AES-256-GCM at the field level — not just at rest on disk. Even a database snapshot reveals nothing usable.
TOTP-based 2FA adds a second layer beyond your password. New-device logins trigger an email alert so you always know when your account is accessed from somewhere new.
All traffic is served over TLS 1.2/1.3 with strong cipher suites and HSTS preloading. Documents are delivered through time-limited signed URLs, never exposed directly.
Every meaningful action is written to an append-only audit log with hash-chain integrity, so the record cannot be silently altered after the fact.
Hosted on U.S.-based servers with automated daily backups and a tested restore process, so your data survives hardware failure and human error alike.
Clients control exactly which accountants can see their data. Sessions are bound to context and rate-limited, and authentication endpoints carry the strictest throttling.
Trusted By Family Offices
The controls that matter, stated plainly.
We are happy to walk through our controls in detail.