Secure Enclave - Govly Developer Documentation

Govly’s Secure Enclave provides a CMMC Level 2 compliant environment for processing sensitive government contracting data, including Controlled Unclassified Information (CUI).

Security Controls

Network Security

Virtual Private Cloud (VPC) - All resources deployed within isolated VPCs
Security Groups - Explicit allow-list firewall rules between tiers
Access Control Lists (ACLs) - Network-level traffic filtering
Private Subnets - Database and processing tiers not directly accessible from internet

Data Encryption

Data State	Encryption Method
In Transit	TLS 1.2+ (256-bit)
At Rest	AES-256
Backups	AES-256 with separate key management

Access Controls

Multi-Factor Authentication (MFA) - Required for all administrative access
Role-Based Access Control (RBAC) - Permissions based on job function
Just-In-Time Access - Temporary elevated privileges with automatic expiration
Audit Logging - All access attempts logged and monitored

Monitoring and Detection

Continuous Vulnerability Scanning - Automated security assessments
Intrusion Detection - Real-time threat monitoring
Log Aggregation - Centralized security event logging
Anomaly Detection - ML-based identification of unusual patterns

AWS Compliance

Govly’s infrastructure runs on AWS, which maintains compliance with:

ISO 27001
ISO 27017
SSAE-18 SOC 1 and SOC 2
FedRAMP Moderate

Data Residency

All Govly production systems are hosted in AWS US regions, ensuring:

Data remains within United States boundaries
Compliance with federal data residency requirements
Multi-availability zone redundancy for durability

Secure Enclave Services

The following services are available within the CMMC-compliant enclave:

Secure Email Ingestion

Process procurement emails containing CUI:

[organization]@secure.govly.com

Secure Web Automation

Monitor procurement portals with data processed entirely within the enclave boundary.

Secure API Access

Enterprise API endpoints for programmatic access to enclave-processed data.

Getting Access

To use Govly’s Secure Enclave services:

Contact [email protected] to discuss your requirements
Complete the customer security questionnaire
Sign the appropriate data handling agreements
Receive your organization’s secure endpoints and credentials

Compliance Questions

For questions about our secure enclave architecture or compliance documentation, contact [email protected].

Getting Started

Enterprise

​Security Controls

​Network Security

​Data Encryption

​Access Controls

​Monitoring and Detection

​AWS Compliance

​Data Residency

​Secure Enclave Services

​Secure Email Ingestion

​Secure Web Automation

​Secure API Access

​Getting Access

​Compliance Questions