Data Custody
Customer portfolio and reconciliation data stays local. Support starts with logs, screenshots, versions, license state, and reproduction steps instead of confidential source files.
Built for vendor due diligence conversations.
FI buyers should not have to piece together security posture from sales calls. This page gives procurement, IT, compliance, and management a plain-language view of the launch model, data boundaries, release controls, backup behavior, and implementation evidence.
Launch deployment model
Customer-controlled by default
The installed investment and reconciliation workflows keep holdings, CUSIPs, source import files, GL balances, report packages, and backups in the institution-controlled environment. The hosted site is for checkout, licensing, download fulfillment, support intake, release metadata, and documentation.
Local data custody
Encrypted local database
Signed release path
Published checksums
License-data separation
Restore-drill evidence
Support upload boundary
Borrower PII gated separately
Security Controls
Local encryption, OS-protected key handling, role-aware workflows, audit logging, import hashes, backup integrity checks, and separate hosted controls for billing and licensing metadata.
Release Controls
Production downloads are expected to follow signed installer, checksum, release manifest, SBOM, release-channel, and integrity checks before customer distribution.
Backup & Restore
Automatic and manual local Time Machine snapshots include integrity hashes, pre-restore safety snapshots, and restore evidence that can be retained with deployment records.
Implementation Evidence
The evaluation produces source-file inventory, import mapping, balancing evidence, first support package, restore drill, license behavior notes, and fit/gap summary.
Borrower PII Gate
Online loan application hosting is separated from the local desktop model and requires production document storage, malware scanning, tenant isolation, retention controls, E-SIGN evidence, and legal-reviewed borrower flows.
ProcurementSecurity overview, data flow, release controls, support boundaries, and insurance/vendor questionnaire responses.
ITInstaller, checksum, activation, local storage path, update process, firewall expectations, and backup location.
AccountingImport mapping, report coverage, GL tie-out, call-report support, review signoff, and month-end output examples.
ManagementROI estimate, evaluation results, implementation scope, ongoing price, support expectations, and expansion path.
Use the vendor packet to keep the first call practical
Start with the data-custody model, release channel, and evaluation evidence checklist. Then let the buyer route the packet to IT, compliance, accounting, or management without extra sales handholding.