Security

Enterprise-Grade Security

Protecting your agricultural data with industry-leading security measures and best practices

256-bit Encryption SOC 2 Type II, ISO 27001 Ready

Security Overview

Infrastructure Security Data Protection Access Control Monitoring & Detection Incident Response Certifications

Our Security Commitment

At Meridian Africa, security is not an afterthought—it's built into every layer of our platform. We understand that farmers and agricultural organizations trust us with sensitive data, and we take that responsibility seriously.

Our Promise: We employ enterprise-grade security measures to protect your agricultural data, ensuring confidentiality, integrity, and availability at all times.

Infrastructure Security

Data Security

Encryption: AES-256 at rest, TLS 1.3 in transit

Access Control: Role-based (RBAC), multi-factor authentication

Audit Logs: Immutable record of all actions

Backup: Daily snapshots, 30-day retention, multi-region

Data Sovereignty

Standard: Google Earth Engine (US-based compute)

Premium: AWS Cape Town (Africa-hosted option)

On-Premise: Government data center deployment available

Ownership: All data belongs to government, never commercialized

Compliance

GDPR / Data Protection Act: Privacy by design

ISO 27001: Information security (certification in progress)

Government Financial Regulations: Audit trail compliant

Procurement: World Bank, AfDB, bilateral agency standards

Transparency

Methodology: Open documentation, peer-reviewed approaches

Algorithms: Explainable ML, confidence scoring

Validation: Ground truth collection, accuracy reporting

Auditable: Independent verification of results possible

Data Protection

Encryption

We use industry-standard encryption to protect your data:

Data in Transit

All data transmitted between your device and our servers is encrypted using TLS 1.3 with 256-bit encryption

Data at Rest

All stored data is encrypted using AES-256 encryption, including databases, file storage, and backups

Satellite Data

Agricultural and satellite imagery data is encrypted and stored in secure, isolated environments

Data Privacy

Data minimization - we only collect what's necessary
Purpose limitation - data used only for stated purposes
Data segregation - customer data isolated by tenant
Anonymization for analytics and research

Access Control & Authentication

Multi-Factor Authentication

Optional MFA for enhanced account security using authenticator apps or SMS

Role-Based Access

Granular permissions based on user roles and responsibilities

Session Management

Automatic session timeout and secure session handling

Audit Logging

Comprehensive logging of all access and data modifications

Security Best Practices for Users

Use strong, unique passwords
Enable multi-factor authentication
Regularly review account activity
Don't share login credentials
Log out from shared devices

Security Monitoring & Threat Detection

We employ 24/7 security monitoring to detect and respond to threats:

AI-Powered Detection

Machine learning algorithms to identify anomalies and potential threats

Automated Alerts

Instant notifications for suspicious activities or security events

Security Analytics

Advanced analytics to identify patterns and prevent future threats

Incident Response

We have a comprehensive incident response plan to handle security events:

Detection

Automated systems and security team identify potential incidents

Assessment

Rapid evaluation of severity and potential impact

Containment

Immediate action to prevent spread and limit damage

Resolution

Eliminate threat and restore normal operations

Communication

Notify affected users and stakeholders as required

Post-Incident Review

Analyze incident and improve security measures

Breach Notification : In the unlikely event of a data breach, we will notify affected users within 72 hours as required by applicable regulations.

Security Certifications & Compliance

SOC 2 Type II

Security, availability, and confidentiality controls

GDPR Compliant

European data protection regulation compliance

PCI DSS

Payment card industry data security standards

Responsible Vulnerability Disclosure

We welcome security researchers to help us maintain the security of our platform. If you discover a security vulnerability, please:

Email details to compliance@merdianafrica.io

Do not publicly disclose the vulnerability

Allow us reasonable time to address the issue

Bug Bounty Program

We offer rewards for valid security vulnerabilities. Contact us for program details.

Security Contact

For security-related inquiries or to report a vulnerability:

Security Team: compliance@merdianafrica.io

Emergency Hotline: +447438993162