LivoSystems Security Framework
Security strategy for investments, banking cooperation, and drone technologies
Version: 2025-08-11
I. Legal and Regulatory Security
Objective
Prevent legal risks, sanctions violations, and data protection breaches.
KYC / AML System
- Integrate a KYC solution (Sumsub or Ondato).
- Automatic sanctions and PEP checks (EU, OFAC, UK HMT, UN).
- Determine investor risk levels.
Data Protection (GDPR)
- All data stored on EU servers (AWS Frankfurt, OVH, Hetzner DE).
- Data encryption at rest (AES-256) and in transit (TLS 1.3).
- Employee access rights via Role-Based Access Control (RBAC).
Contracts and Terms
- Include risk disclosure in investment agreements.
- NDAs with suppliers and subcontractors.
- Compliance with EU Regulation 2021/821 for dual-use goods (drones).
II. Financial Security
Objective
Protect investor funds and maintain trust with banks.
Segregated Accounts
- Keep investor funds in separate accounts.
- Partner banks: Paysera, Multipass, Stripe.
Multi-Signature Authorization
- For payments above 10,000 EUR, require at least 2 executive approvals.
Transaction Monitoring
- Automatic alerts for large or suspicious transactions.
- Dedicated AML officer to approve high-value transactions.
III. IT and Platform Security
Objective
Prevent hacking, data leaks, and system sabotage.
Access Security
- 2FA for all users and admins (Google Authenticator / Authy).
- Brute force protection (Cloudflare / Fail2ban).
Data Security
- Full encryption of data (AES-256 at rest, TLS 1.3 in transit); passwords hashed with bcrypt.
- Daily backups to AWS S3 Glacier or equivalent.
Testing and Monitoring
- Annual penetration tests (Cobalt.io, YesWeHack).
- Real-time security monitoring (Wazuh SIEM, CrowdStrike, SentinelOne).
Incident Response Plan
- Notify authorities and investors within 12 hours of a breach.
- Immediate system isolation and forensic investigation.
IV. Operational and Physical Security (Drones)
Objective
Prevent theft, espionage, and unauthorized use of technology.
Facility Security
- 24/7 video surveillance with 360-day retention.
- Biometric access control and visitor registration.
Employee Screening
- Background checks for all staff working with drones or financial data.
- NDAs and security training.
Drone Technology Protection
- Encrypted telemetry (AES-256 + rolling keys).
- Remote deactivation or self-destruct in case of capture.
- Restricted access to manufacturing documentation.
V. Implementation Priorities
- 1 — KYC/AML system with sanctions screening: Yes
- 2 — 2FA and access security for all users: Yes
- 3 — Segregated accounts and multi-signature: Yes
- 4 — Data backup + penetration test: Yes
- 5 — Physical security and drone fail-safe: Yes