Architecture and security

Memority relies on a trusted cloud infrastructure and a security-by-design approach to ensure performance, availability and regulatory compliance. Our 360° IAM platform combines technological innovation with maximum data protection to support your digital transformation with confidence.

Security is at the core of our DNA

Maximum Security

Certifications and regulatory compliance
Memority is certified ISO 27001 (information security), ISO 27701 (personal data protection) and AirCyber Gold (aerospace sector), and is hosted on the trusted S3NS cloud, qualified SecNumCloud 3.2 for IaaS and PaaS services. We comply with the European NIS2 directive, the GDPR and DORA (the latter two in our role as a processor).
Security by design and DevSecOps
Security is embedded from the design stage of every feature. Our source code undergoes systematic peer reviews and automated static (SAST) and dynamic (DAST) analyses through our continuous integration pipeline. A dedicated risk assessment is updated annually and whenever a major evolution of the platform occurs.
Defense-in-depth protection and encryption
Memority’s architecture is structured into specialized zones based on a defense-in-depth approach, including anti-DDoS protection, firewalls, Web Application Firewalls (WAF) and hardened operating systems. All servers benefit from encryption at rest, while all internal and external data flows are encrypted in transit. Sensitive secrets are stored in restricted-access Hardware Security Modules (HSMs).
Continuous monitoring and proactive management
An outsourced Security Operations Center (SOC) monitors our platform in real time to detect and respond to intrusion attempts. Automated vulnerability scans are performed daily. Security patches are applied within strict timeframes depending on the severity identified. A dedicated cyber incident crisis management plan ensures rapid response and transparent communication with our customers.
Rigorous access and identity management
We apply the principles of least privilege and segregation of duties. All access requires multi-factor authentication (MFA). Privileged accounts are nominative and secured through a VPN and a bastion host, which records all administrative actions. Quarterly reviews of accounts and permissions ensure that access rights remain strictly aligned with business needs.

Certifications and regulatory compliance

Memority is certified ISO 27001 (information security), ISO 27701 (personal data protection) and AirCyber Gold (aerospace sector), and is hosted on the trusted S3NS cloud, qualified SecNumCloud 3.2 for IaaS and PaaS services. We comply with the European NIS2 directive, the GDPR and DORA (the latter two in our role as a processor).

Security by design and DevSecOps

Security is embedded from the design stage of every feature. Our source code undergoes systematic peer reviews and automated static (SAST) and dynamic (DAST) analyses through our continuous integration pipeline. A dedicated risk assessment is updated annually and whenever a major evolution of the platform occurs.

Defense-in-depth protection and encryption

Memority’s architecture is structured into specialized zones based on a defense-in-depth approach, including anti-DDoS protection, firewalls, Web Application Firewalls (WAF) and hardened operating systems. All servers benefit from encryption at rest, while all internal and external data flows are encrypted in transit. Sensitive secrets are stored in restricted-access Hardware Security Modules (HSMs).

Continuous monitoring and proactive management

An outsourced Security Operations Center (SOC) monitors our platform in real time to detect and respond to intrusion attempts. Automated vulnerability scans are performed daily. Security patches are applied within strict timeframes depending on the severity identified. A dedicated cyber incident crisis management plan ensures rapid response and transparent communication with our customers.

Rigorous access and identity management

We apply the principles of least privilege and segregation of duties. All access requires multi-factor authentication (MFA). Privileged accounts are nominative and secured through a VPN and a bastion host, which records all administrative actions. Quarterly reviews of accounts and permissions ensure that access rights remain strictly aligned with business needs.

Request a demo

The five technical pillars behind Memority's strength

Innovative architecture

A single, modular platform
Memority offers three complementary solutions (MY-Identity, MY-Access and MY-Keys) that share a common technical foundation. This shared architecture makes it easy to activate new capabilities without complex implementation projects, as identities are already centralized within the platform. This approach improves agility while reducing integration costs.
Micro-services and cloud-native architecture
Our solution is built on a micro-services architecture, with each business function handled by a dedicated service. Deployed in orchestrated containers, these components simplify maintenance, accelerate upgrades and enhance security. We leverage native services from cloud providers (AWS, S3NS) to deliver optimal performance for our customers.
Optimized application-level multi-tenancy
Memority’s multi-tenant architecture manages data isolation at the application level rather than the infrastructure level. Each customer benefits from two distinct environments (production and non-production) with identical service levels. This innovative approach delivers an excellent cost-to-performance ratio, suitable for both large enterprises and mid-sized organizations.
High availability and resilience
The platform is systematically deployed across three active data centers within a single cloud region, ensuring maximum availability. For customers with critical requirements, we offer a Disaster Recovery Plan (DRP) to another region — or even to a different cloud provider — to eliminate any single point of failure.
Flexible and customizable architecture
Memority provides extensive flexibility, including the choice of cloud provider (AWS, S3NS, GCP), hosting region (Paris, Dublin), shared or dedicated platform options, DRP activation and log forwarding to your SOC. This modularity enables organizations to adapt the infrastructure to their regulatory and operational requirements.