Security & Trust

Proof, not promises.
Every event, every mile.

Freight is a regulated industry — ELD hours, FMCSA scorecards, customs attestations, escrowed settlements. We treat your data the same way the industry treats its cargo: chain of custody, auditable handoffs, and proof on arrival.

Principles

Four commitments we don't negotiate.

01 · Least privilege

Nobody sees what they don't need.

Tenant isolation at the row level. Role-based scopes on every API. Operator access is break-glass, logged, and reviewed — your data isn't open to our support team by default.

02 · Encryption everywhere

In transit and at rest.

TLS 1.3 end-to-end. AES-256 at rest on every database, blob, and backup. Per-tenant key namespaces with rotation on schedule and on demand.

03 · Replayable audit

Every number cites its source.

Every rate quote, every RIOS agent action, every settlement event is immutable, time-stamped, and replayable. You can reconstruct any decision we made — or you made — end to end.

04 · Calm under load

Reliability is a feature.

Multi-region active-passive with automated failover. Graceful degradation over outage. We publish our status page, our incident reviews, and our RTO/RPO targets in plain English.

Architecture

Defense in depth, composed in calm.

RIOS was built for regulated data from day one. Each layer does one job well, and each layer is independently auditable.

Perimeter

WAF + DDoS

Managed WAF with rate-limiting, bot mitigation, and geo-aware rulesets. DDoS absorption at the edge before requests touch our origin.

mTLS service mesh

Every service-to-service call is mutually authenticated and encrypted. Service identity is cryptographic — not vibes.

Zero-trust ingress

No implicit trust inside the VPC. Every request carries a verified identity; every handler re-authorizes before reading.

Identity

SSO + SCIM

SAML 2.0 and OIDC for enterprise customers. SCIM provisioning keeps your IdP the source of truth for joiners, movers, leavers.

MFA by default

TOTP, WebAuthn, and hardware keys supported. Enforced at the tenant level; we can require it for privileged roles without workarounds.

Fine-grained scopes

Quote-only. Dispatch-only. Read-only finance. Roles map cleanly to how freight teams actually work — not a generic admin/user split.

Data

Tenant isolation

Hard row-level isolation enforced in the query layer — not just at the app tier. Cross-tenant reads fail closed and are audited and alerted on.

Keyed encryption

KMS-backed envelope encryption with per-tenant data keys. Rotation automated on schedule; re-encryption without downtime.

Backups, tested

Hourly point-in-time recovery. Quarterly full-restore drills to an isolated tenant — because an untested backup is a hypothesis.

Observability

Immutable audit log

Append-only, cryptographically signed, retained by tenant policy. Exportable on request. You can prove what happened — not just remember.

Anomaly detection

Behavioral baselines per user, per tenant, per agent. Off-pattern actions escalate before a human sees them.

SIEM integration

Stream your Eusorone events into your SIEM. No more swivel-chair compliance. Pipe it into Splunk, Datadog, or your custom stack.

Compliance

Built for the frameworks regulators actually use.

Freight lives at the intersection of DOT, FMCSA, CBP, SAT, and a dozen state regimes. RIOS encodes those frameworks as first-class primitives, not afterthought reports.

SOC 2 Type II

In audit.

We're in active SOC 2 Type II observation with a top-tier auditor. Interim trust brief available under NDA for qualified customers.

GDPR / CCPA

Data rights, honored.

Data subject access requests, portability, erasure — all exposed through self-serve tools and our DPA. We publish the retention schedule, not just reference it.

HOS / ELD

FMCSA-grade hours of service.

RIOS respects ELD records as the source of truth. Dispatch agents will not propose loads that violate HOS; violations are flagged before dispatch, not after.

USMCA / VUCEM

Cross-border, cross-checked.

NOM, CA Prop 65, ADR, IMDG, FSMA — validated before a load is booked, not after the truck is at the border. Customs attestations live with the load, not in a PDF inbox.

PCI DSS

Payments, out of scope.

We don't store raw card data. Settlements flow through tokenized, PCI-certified processors. Your AR/AP team never sees a PAN.

Penetration tested

Red-teamed, annually.

Third-party pen tests against RIOS APIs and the EusoTrip surface. Findings remediated on published SLAs. Executive summary available on request.

Responsible disclosure

Found something? Tell us, and we'll thank you.

Email security@eusorone.com with details. We acknowledge reports within one business day and aim to triage within three. We don't pursue legal action against good-faith researchers who follow our disclosure policy.

PGP: fingerprint published at /.well-known/security.txt (coming soon). Scope: *.eusorone.com, *.eusotrip.com. Out of scope: third-party vendors, social engineering of employees, physical attacks.

Talk to the team

Need our trust brief, SIG, or DPA?

Enterprise security packs — SIG Lite, CAIQ, our DPA, and subprocessor list — are available to qualified customers under NDA. We respond within one business day.

security@eusorone.com