Security first.

At Spaces, we take the security of your data seriously. Learn about our security practices and compliance measures.

Putting you in control

Your data stays yours

We never train our models on your client data and make it easy for you to access all data, giving you and your clients peace of mind.

You set the rules

Our process for data storage can be configured to your needs, with data stored in your local residency.

You set permissions

You have full control over internal permissions. Who can create, read and write data is your choice.

Our protocols and practices

End-to-end encryption

All client data is encrypted in transit using TLS 1.2 with strong cipher suites and perfect forward secrecy. Our authentication is handled by Auth0, with optional two-factor authentication (2FA) via time-based one-time passwords (TOTP).

Secure Storage

We utilize AWS S3 storage with AWS Server-Side Encryption (SSE) for all stored data. Data is encrypted using 256-bit Advanced Encryption Standard (AES-256), with encryption keys secured by regularly rotated root keys for enhanced protection.

Data Resilience

We perform daily backups to ensure your data remains safe and accessible. Our backup strategy includes cross-region replication within the US, providing geographic redundancy and protection against regional outages.

Have security questions?

Our security team is here to help. Contact us for any security-related inquiries or to report a security concern.

Contact Security Team

Grow your advisory firm smarter.

Join 100+ advisors getting actionable tips, client insights, and practice growth ideas - straight from Spaces.