Three-Perspective Security Framework
Family office data faces three threat categories: regulatory authority pressure, internal accidental operations, and external malicious attacks. The Ginkgo Platform addresses each at the architecture level.
Legal Jurisdiction Isolation
Singapore-incorporated entity, governed solely by Singapore law, unaffected by compulsory disclosure requirements from other jurisdictions.
- —Incorporated in Singapore; legal entity domiciled in Singapore
- —Singapore PDPA compliance; data processing has legal basis
- —Data does not transfer across jurisdictions (TODO: confirm specific data residency policy with business team)
Minimized Human Contact
Encryption keys are managed by AWS KMS; development and operations personnel do not access plaintext data or keys during routine operations.
- —AWS KMS key management; operations staff do not hold keys
- —RBAC permission model; principle of least privilege
- —MFA multi-factor authentication (TOTP/SMS/Email); prevents accidental account misuse
- —Audit logs; all critical operations are traceable
Defense in Depth
Multi-layer defense: even if one layer is breached, attackers still cannot obtain a complete picture of family holdings.
- —Identity-holdings decoupling: account identity and actual holdings stored separately
- —PDF redaction on export: sensitive fields automatically redacted in exported reports
- —AWS financial-grade infrastructure; TLS encryption throughout transmission
- —Regular third-party security audits (TODO: confirm audit firm name with business team)
Five Security Categories
Access control / Storage security / Transaction data / Holdings data / Weak linkage — five dimensions covering all aspects of family office data security.
Access Control
Who can see what, down to the field level.
- ·RBAC role-permission model; minimum necessary permissions per job function
- ·MFA multi-factor authentication enforced (TOTP/SMS/Email)
- ·Session timeout and automatic logout
- ·TODO: IP allowlist / device management policy to be confirmed with business team
Storage Security
Data is always stored in encrypted form on disk.
- ·AWS KMS manages encryption keys; keys are not exposed at the application layer
- ·Storage encryption (AES-256)
- ·AWS multi-region backup; prevents single-point data loss
- ·Database access isolation; different clients do not share storage instances (TODO: technical details to be confirmed with business team)
Transaction Data Protection
Transaction records are among the most sensitive family financial information and receive dedicated protection.
- ·Transaction data transmission encrypted end-to-end via TLS
- ·Transaction record access strictly limited by role
- ·TODO: transaction data retention period / deletion policy to be confirmed with business team
Holdings Data Protection
Holdings are the most confidential core family assets. Identity-holdings decoupling ensures that even if credentials leak, a complete holdings picture cannot be assembled.
- ·Identity-holdings decoupling architecture: account ID and holdings data stored separately
- ·Holdings snapshots physically isolated per client
- ·PDF report export automatically redacts sensitive figures (TODO: redaction rule details to be confirmed with business team)
Weak Linkage Design
Even if an attacker obtains partial data, it is difficult to reconstruct a complete family wealth profile.
- ·Identity identifiers and financial data use different storage and encryption keys
- ·Internal system logs do not record plaintext holdings amounts
- ·TODO: specific weak-linkage technical implementation details to be confirmed with business team
Security FAQ
Where is data stored? Does it cross borders?
Ginkgo Platform data is hosted on AWS Singapore region. TODO: specific cross-border data transfer policy to be confirmed with business team.
Can Ginkgo staff see my holdings data?
Ginkgo uses an identity-holdings decoupling architecture; routine operations do not involve client holdings in plaintext. AWS KMS keys are managed by AWS; operations staff do not hold them. Regular third-party security audits are conducted. TODO: specific internal access control details to be confirmed with business team.
What happens if a data breach occurs?
TODO: data breach response process and notification policy to be confirmed with business team.
What does Singapore PDPA protection mean for me?
Singapore's Personal Data Protection Act (PDPA) requires data processors to have a clear legal basis for handling data. As the data subject, you have the right to access, correct, and delete your personal data, and to know how it is being used. Ginkgo, as a Singapore-registered company, is bound by PDPA.
Has Ginkgo obtained third-party security certification?
TODO: third-party security audit firm and certification status to be confirmed with business team.
Security Is a Prerequisite for Choosing Ginkgo Platform
30 minutes to understand the complete security architecture of the Ginkgo Platform