Security

Armada is a platform-as-a-service that powers private W-2 staffing benches for restaurant operators. Security is a first-class part of how we design, build, and operate the platform. We follow industry-standard practices across infrastructure, application, and operational security.

• Hosted on reputable cloud providers with SOC 2 / ISO 27001 certified data centers.
• Network isolation, managed firewalls, and least-privilege access controls.
• Encryption in transit (TLS 1.2+) and at rest (AES-256).
• Continuous monitoring, logging, and alerting.

• Secure software development lifecycle with peer code review.
• Authentication with strong password requirements and support for SSO where available.
• Role-based access control across operator and worker accounts.
• Regular dependency scanning and patching of third-party libraries.

• Personal data is processed in line with our Privacy Policy.
• Sensitive identifiers (tax IDs, banking details) are encrypted.
• Access is restricted to authorized personnel on a need-to-know basis.
• Backups are performed regularly and tested for integrity.

• Background checks and security training for personnel.
• Documented incident response procedures with defined notification timelines.
• Vendor risk reviews for subprocessors that handle customer data.

Armada operates as the W-2 employer of record where applicable and supports operators in meeting employment, payroll, and tax obligations across all 50 U.S. states. We are actively pursuing formal third-party attestations and will publish reports as they become available.

If you believe you’ve found a security issue, please email security@armada.work. We appreciate responsible disclosure and will work with you to verify and remediate the issue.