ArgusParliamentary monitoring
--:--:-- UTC
ArgusSecurity
Security & data residency

Built for institutions under scrutiny.

Argus runs for institutions that operate under regulatory and procurement scrutiny. This page is a plain-language summary of how we run the platform. Detailed supplier-assurance documentation is available on request to info@arguswatch.org.

Request assurance docs
01 · Hosting & data residency

Where your data lives.

Provider
Amazon Web Services (AWS) and Google Cloud Platform (GCP).
Default region
UK / EU. Production data is stored in AWS or GCP regions inside the United Kingdom or European Economic Area unless contractually agreed otherwise.
Edge delivery
Public marketing pages are delivered via Amazon CloudFront with global edge caching. The origin remains in the chosen primary region.
Backups
Backups inherit the primary region’s residency.
02 · Encryption

In transit and at rest.

Specific protocols, key-custody arrangements and supplier-assurance evidence are provided under NDA on request to info@arguswatch.org.

In transit
All traffic is encrypted with industry-standard TLS. Public endpoints are HTTPS-only; HTTP requests are redirected.
At rest
Data and backups are encrypted at rest. Customer-managed encryption keys are available on request for procurement-grade engagements.
03 · Access & deployment

Who can touch production.

Deploy authentication
Production deploys use short-lived, federated credentials. No long-lived access keys are stored in CI.
Production access
Multi-factor authentication required. All privileged actions are audited and logged.
Source control
Protected production branch; required pre-merge automated checks; required code review.
04 · Supplier credentials

Public-sector assurance.

ARGUS HOLDINGS — KLL1 LTD is a UK Ministry of Defence JAGGAER One Registered Supplier, engaging with public-sector buyers under standard UK Government commercial terms. Cyber Essentials and ISO 27001 alignment documentation is provided on request as part of supplier assurance.

05 · Continuous assurance

Tested monthly. In active certification.

Production infrastructure is tested on a monthly cadence. Two recognised standards — SOC 2 Type II and ISO 27001 — are in active preparation.

Vulnerability testing
Monthly automated security testing of production infrastructure. Findings tracked to closure.
SOC 2 Type II
In active preparation. Target: end of 2026.
ISO 27001
In active preparation.
Evidence on request
Audit progress, penetration-test summaries and supplier-assurance evidence available under NDA — info@arguswatch.org.
06 · Vulnerability disclosure

Coordinated disclosure.

Email
security@arguswatch.org
Manifest
/.well-known/security.txt (RFC 9116)
Policy
See our coordinated disclosure policy. We commit to acknowledge reports within five business days.
07 · Related

Where to go next.

Privacy policy — UK GDPR controller status, lawful bases, retention
Legal notices
About ARGUS HOLDINGS — KLL1 LTD
Contact