Kardocloud
Security + compliance

Built for the regulated streams too.

Per-tenant keys, DRM, signed playback, immutable audit logs, GovCloud and on-prem deployment templates. The boring stuff that decides which RFP you actually win.

Security stack
Six pillars

How your data stays yours.

Per-tenant data keys
KMS data keys scoped per tenant. A breach on one tenant cannot decrypt another's data.
Signed playback
CloudFront key groups per tenant. Scope playback URLs to a user, a time window, an IP.
DRM
Widevine + FairPlay + PlayReady on our own license servers. Your keys, your control.
E2EE rooms
Optional end-to-end encryption for telehealth, legal, defense, finance.
Audit log
Immutable, queryable, exportable. Every admin + user action stored 7 years by default.
JWT scoping
Per-room, per-role, per-feature tokens. Or bring your own JWKS endpoint.
Compliance posture

Status by framework.

SOC 2 Type II
In progress
Annual audit, Type II report.
HIPAA
Aligned
BAAs available for telehealth tenants.
GDPR
Compliant
EU data residency, right-to-erasure, DPA available.
ISO 27001
Roadmap
Targeted for second cert cycle.
FedRAMP Moderate
Roadmap
For US public sector tenants.
COPPA
Aligned
For kids/edutainment vertical.
PCI DSS
Roadmap
For live commerce checkout flows.
FIPS 140-2
Roadmap
For defense deployments.

Bring your auditor.

We'll walk them through the controls, evidence pipeline, and per-tenant key model.