NSITES CAPITALMODULE 14ADMINISTRATIONSESSION ID A4F7-21B9
MODULE 13 · ADMINISTRATION
Security, Identity & Governance
MFA, role-based access, artist-level scoping, encryption, audit logging, and SOC2-style controls.
MFA COVERAGE1 USER OPEN
83%
ENCRYPTION
AES-256 · TLS 1.3
AT REST · IN TRANSIT
SOC2 CONTROLSALL PASSING
142 / 142
LAST PEN TEST
2025-09-18
3RD-PARTY · ZERO HIGH
IDENTITY & ACCESS
6 ACTIVE| USER | ROLE | SCOPES | MFA | LAST ACTIVE | ACT | |
|---|---|---|---|---|---|---|
AM A. Marsh | a.marsh@nsites | PRINCIPAL · ADMIN | ALL | ● ENROLLED | 2m ago | |
DK D. Kovac | d.kovac@nsites | AUDITOR · LEAD | AUDIT · RECON · REPORTS | ● ENROLLED | 8m ago | |
PR P. Renner | p.renner@nsites | CONTRACT MANAGER | CONTRACTS · ARTISTS · DISPUTES | ● ENROLLED | 21m ago | |
JL J. Liu | j.liu@nsites | ANALYST | READ · REPORTS | ● ENROLLED | 1h ago | |
MO M. Okafor | m.okafor@nsites | ARTIST MANAGER · LUNA | ARTIST: ART-003 ONLY | ○ REQUIRED | 3h ago | |
a ai-engine | system@nsites | SERVICE ACCOUNT | INSIGHTS · INGESTION (READ) | ● ENROLLED | live |
CONTROLS POSTURE
- 1 PENDINGMFA enforcementAll non-service accounts within 30 days
- OKEncryption at restAES-256 across PostgreSQL + object storage
- OKKey rotation90-day rotation · last 2025-10-12
- OKAudit immutabilityAppend-only · cryptographic chain
- OKRole-based accessRow-level security · artist scoping
- OKData maskingPII masked in non-prod environments
DATA RETENTION & GOVERNANCE
| DOMAIN | RETENTION | LEGAL HOLD | STATE |
|---|---|---|---|
| Statements & payments | 10 years | — | ● ACTIVE |
| Contracts & amendments | Lifetime+10y | Default | ● ACTIVE |
| Audit trail | Immutable | Always | ● ACTIVE |
| AI inference logs | 365 days | Optional | ● ACTIVE |
| File ingestion blobs | 5 years | On dispute | ● ACTIVE |
| User access logs | 3 years | — | ● ACTIVE |