# Security Chariot is designed with security at its core to protect your organization, your data, and your funds. Our systems ensure that only authorized users can take authorized actions, with end-to-end encryption protecting all data and transactions. ### Secure By Design Chariot is built to minimize risk at every level of interaction and access. **Interaction**\ Chariot’s technology only interacts with the data required to complete a task. For example, DAFpay only accesses the fields needed to submit a grant request. **Accessx**\ Chariot follows the **principle of least privilege**, meaning access is restricted by default and only granted when necessary. This applies to both customers and internal systems. All users are required to use **multi-factor authentication (MFA)** to access the Chariot dashboard. Chariot staff are also required to use MFA across all internal tools. *** ### Built With The Best Chariot leverages modern infrastructure and security standards to ensure performance, reliability, and protection. **Modern infrastructure**\ Chariot is hosted on [AWS](https://aws.amazon.com/) cloud infrastructure in the United States, benefiting from industry-leading security, scalability, and uptime. **Encryption**\ Data that passes through Chariot’s systems is encrypted in transit using industry-standard protocols, including **TLS and AES-256**. **Monitoring**\ Chariot’s infrastructure is continuously monitored using advanced detection systems, with a 24/7 on-call team responding to alerts. **Expert advisory**\ [Oneleet](https://www.oneleet.com/), a leading cyber-security advisory firm, performs system monitoring and hosts our [Public Trust Center](https://trust.givechariot.com/) for maximum transparency. {% hint style="info" %} Review [Broken mention](broken://pages/w5LbXLSVL4Xzf6l4MzWx) {% endhint %} *** ### External Reviews Chariot undergoes regular independent review to validate security and compliance. **Third-party audits and testing**\ Chariot is **SOC 2 Type II compliant** and undergoes regular penetration testing. Documentation is available upon request via our [Trust Center.](https://trust.givechariot.com/) **InfoSec customer Ddligence**\ Chariot has completed rigorous security and vendor reviews with major healthcare systems, universities, and large multinational organizations. **Bank partner program**\ Chariot is a financial technology company, not a bank. We are a program of **Column N.A., Member FDIC**, which ensures that we adhere to strict security standards with ongoing monitoring and review. {% hint style="info" %} Review our [security documentation](https://trust.givechariot.com/) to learn more. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.givechariot.com/onboarding/trust-and-safety/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.