Security

The conceptual foundation of FireTun is the zero trust model. It means that, within the Platform, nothing is considered trustworthy solely because it is connected. Any user, any device, any request must prove its legitimacy at every moment. We do not issue permanent “passports”: we issue narrowly scoped authorizations, which are re-verified again and again. This principle governs both the experience our customers see and the way we build and operate the systems underneath.

Every customer lives within their own logical space within the Platform. That space contains their users, their policies, their devices, their keys and their records. No piece of information can accidentally cross from one space to another: separation is guaranteed both at the application level (who can read what) and at the database level (every query implicitly carries the identity of the tenant it belongs to).

This isolation is complemented by per-customer independent encryption keys. A tenant's sensitive data is encrypted with an exclusive key, different from any other tenant's. Even if someone hypothetically gained access to one customer's storage, they would not be able to decrypt another customer's information. It's a structural guarantee, not a trust-based agreement.

All information that travels between end-user devices, connection agents and the FireTun servers is transmitted encrypted with modern protocols. This applies to admin panel traffic (over modern HTTPS), to user private network connections (based on WireGuard with automatic key rotation) and to all internal communications between the Platform's components.

The data we store is also encrypted at rest. Databases use storage-level encryption and the most sensitive fields — such as credentials, authentication secrets or cryptographic material — are stored with an additional encryption layer via a key custody system. Encryption keys are never directly accessible to operational personnel.

The secrets the Platform needs to function (database credentials, API keys, service tokens, certificates) are not kept in configuration files or in code: they are stored in a centralized secret vault, with controlled access and audit logs. Each Platform component can retrieve only the secrets it needs, when it needs them, and for the strictly necessary amount of time.

User passwords are always stored as hashes computed with modern, brute-force-resistant algorithms. At no time do we keep passwords in plain text, nor does any mechanism exist to recover them: if a user loses access, they must reset their password through the provided flow.

We apply the principle of least privilege strictly: every person and every system component has only the permissions needed to perform their role. Our customers' administrators define which users can see what, what operations they can perform and which resources they can reach. Within FireTun, operational access for personnel is restricted to those who truly need it, protected by multi-factor authentication and logged in detail.

Before a user is granted access to their organization's resources, the agent installed on their device reports the device's state: up-to-date operating system, active antivirus, disk encryption, absence of unauthorized tools. Each organization defines its own criteria, and the Platform grants or restricts access according to those rules. If the device does not comply, it may be quarantined until the problem is fixed. This drastically reduces the possibility that a compromised device can act as an entry point to the corporate network.

Every relevant action within the Platform is logged along with the user who performed it, the exact time, the address from which it originated and the outcome. Audit records are available to administrators and are retained for the time necessary to investigate incidents, fulfill legal obligations and respond to compliance audits. Retention is managed in line with the privacy policy and the minimization principle.

FireTun continuously monitors the state of its infrastructure and the behavior of the Platform. We have automated mechanisms that detect anomalous patterns, unusual traffic spikes, repeated failed authentication attempts and other signals that may indicate a problem. When an incident is identified, we activate a documented response procedure including containment of the event, root cause investigation, notification of affected customers where applicable and corrective measures to prevent recurrence.

We perform regular backups of the operational data of the Platform, with periodic restoration tests to ensure they are functional. Backups are stored encrypted and in locations separate from the main environment, so that an incident in production does not compromise our ability to recover. Service continuity plans are reviewed regularly.

We keep the software we use up to date and we prioritize the application of relevant security patches. The FireTun software lifecycle includes code reviews, automated tests, dependency analysis and periodic audits. Maintenance windows, when needed, are communicated in advance to minimize the impact on our customers' operations.

We operate in accordance with the European Union General Data Protection Regulation (GDPR) and Chile's Law No. 21.719, which modernizes the Chilean personal data protection regime. These regulations impose strict obligations on how data must be collected, processed and retained, what rights the data subject has, and how incidents must be handled. Our organization has documented procedures to respond to rights exercises, to maintain records of processing activities and to notify any breach within the deadlines the regulations require.

Our commitment goes beyond formal compliance. We periodically review our controls, train our team and adapt our processes as the regulatory landscape and the state of the art in security evolve.

If you have found a potential security issue in the Platform, we appreciate your collaboration. Please write to security@firetun.com with as much detail as possible. We commit to review every report diligently, to keep you informed during the process and to publicly acknowledge your contribution if you wish. In return, we ask you not to disclose the issue publicly until we have had the opportunity to remediate it.

No digital platform can guarantee absolute security. We can — and do — apply known best practices, invest in technology, train our team and submit to review. We cannot, however, offer a magical guarantee against extraordinary scenarios, attacks by actors with unlimited resources or isolated human errors. What we do offer is transparency: if something happens, we tell you about it, we solve it and we learn from it.