LedgerDock handles financial data for accounting firms and their clients. Every design decision reflects that responsibility.
LedgerDock is built with defense-in-depth: application-layer encryption for sensitive data, server-side sessions, multi-factor authentication, role-aware access control, and a comprehensive audit log. Financial data stays in PostgreSQL on managed infrastructure with encrypted connections.
Access is enforced through user_assignments with three path types:
Every per-company route validates access. System admins have a separate, audited access path.
EINs, SSNs/ITINs, and full bank account numbers are encrypted at the application layer using AES-256-GCM. The UI shows masked values by default (e.g., ***-**-1234).
Revealing the full value requires a separate OTP verification — independent of the login MFA. Every reveal event is recorded in the audit log with the user, timestamp, IP address, and which field was revealed.
LedgerDock maintains an append-only audit log covering:
Audit rows are append-only. Existing triggers enforce immutability.
If you discover a security vulnerability, please report it to security@ledgerdock.app. We take every report seriously and will respond within 48 hours.
Please do not disclose vulnerabilities publicly until we have had a chance to investigate and address them.