Security at Mycelium
Mycelium Technologies Inc. is committed to protecting the security and integrity of the My-CLM platform and the data processed within it. This page provides an overview of the security practices used to operate and protect the platform.
Infrastructure
The My-CLM platform operates on modern cloud infrastructure provided by established cloud providers. Core components of the platform are hosted across infrastructure services including cloud computing, managed databases, and edge application hosting.
Infrastructure providers implement industry-standard security controls, including physical security, network protection, and infrastructure monitoring.
Data Protection
Data transmitted between users and the platform is protected using encrypted communication protocols.
Sensitive platform data is stored using secure storage practices designed to protect data from unauthorized access or exposure.
Encryption
Data transmitted between users and the platform is encrypted using secure communication protocols.
Where applicable, encryption mechanisms are used to protect sensitive data stored within the platform infrastructure.
Tenant Isolation
The My-CLM platform is designed using a siloed tenant architecture, where each customer operates within a dedicated platform environment.
Each tenant environment is independently provisioned with separate data storage, services, and configuration. This architecture ensures strong logical isolation and strict segregation of customer data and resources.
By isolating tenants at the environment level, the platform significantly reduces cross-tenant risk and blast radius, preventing organizations from accessing or interacting with resources belonging to other customers.
Access Control
Access to the My-CLM platform is restricted to authorized users.
Security measures include:
- user authentication mechanisms
- role-based permissions
- restricted internal system access
These controls are designed to ensure that users only access the data and functionality required for their role.
Monitoring and Incident Response
System activity is monitored to help detect potential security issues, suspicious behavior, and operational anomalies.
In the event of a suspected security incident, Mycelium investigates the issue and takes appropriate measures to contain and resolve the situation.
Backups and Resilience
Platform infrastructure is designed with resilience in mind. Backup and recovery procedures are implemented to help protect against data loss and support operational continuity.
Third-Party Infrastructure
The platform relies on established cloud infrastructure and service providers to support hosting, databases, and application delivery.
These providers maintain their own security certifications and operational safeguards.
Responsible Disclosure
If you believe you have identified a potential security vulnerability related to the Mycelium platform or website, please report it responsibly.
Security reports can be sent to:
We appreciate responsible disclosure and will review all credible reports.