Security at FactoryThread
FactoryThread is a data virtualization platform — not a system of record for customer business data. Data is fetched on demand from the source, transformed in memory inside the worker, and delivered to the target. The application database holds only operational metadata, plus two narrow, documented exceptions on the failure path. See the Security Overview for the full statement.
For a customer-facing summary, see the public security page.
Documents
- Security Overview — product summary, tenancy, authentication, encryption, logging, corporate controls, roadmap.
- Shared Responsibility Matrix — division of responsibilities across SaaS, single-tenant managed, and on-prem deployments.
- Compliance Readiness — SOC 2, ISO 27001, 21 CFR Part 11, GxP — current alignment and target audit timelines.
- Data Flow & Architecture — available under NDA.
- Access, Audit & Change Control — available under NDA.
Request the full packet
To request the NDA-gated documents, CAIQ-Lite, SIG-Lite, or a customer-specific questionnaire, contact support@factorythread.com.