The Modern ETRM/CTRM Platform That Prioritizes Security
Molecule’s trading risk management software is designed with security at its core, both in our application and in our daily operations.
Security is built into every layer of Molecule. From infrastructure to operations, we meet or exceed industry-leading standards to ensure your data stays protected and your team stays compliant – so you can trust your ETRM system to manage risk without creating it.
Our Security Measures
Molecule maintains the security of your trading data using a variety of security measures.
Application Security
Software Development
Molecule follows secure development practices that guide how we design, build, and update our software.
Patching
Molecule regularly updates all systems and software in our infrastructure to keep security strong and your data protected.
Secrets Management
Application secrets are managed through specialized secrets management software.
Best-In-Class Tooling
Molecule is built on industry-standard technologies including Ruby on Rails, Python and PostgreSQL.
Account Security
Login + Signup
Molecule uses Auth0 for secure authentication, with the option to log in through SSO or user-managed passwords.
Password & Session Policies
Molecule encrypts all passwords and supports secure logins through strong password standards, 2FA, and leading SSO providers like Okta and Azure AD. Sessions time out automatically, with built-in lockout and cooldown features to keep accounts safe.
Customer/Account Permissions
Molecule restricts data access by account, so users only see what’s theirs. Every release is tested to ensure permissions stay secure and accurate.
User Permissions
An account administrator can grant permissions to govern the actions users can perform in the system and the screens and types of data users can see.
API Permissions
API access requires a username and token. The token is one-way encrypted and easy to revoke.
Audit Trails
Molecule retains access logs of every use of our application, and can make them available upon request.
Infrastructure Security
Physical AWS security
Molecule uses Amazon Web Services (AWS) as its primary cloud hosting provider.
More information can be found in the AWS Compliance center.
Network Security
Molecule limits external access to only what’s needed and secures all internal traffic using AWS’s built-in network protections.
Staging Environment
Molecule uses isolated staging environments to test every change before it goes live in production.
Production Access
Molecule’s production environment is limited to essential personnel through a secure VPN.
Data Security
Multi-tenant Architecture
Molecule’s ETRM platform is built as a true multi-tenant SaaS. Each customer’s data is logically isolated, ensuring only authorized users can access their account.
Testing on Every Release
Automated and continuous testing safeguards account security as new features roll out. Molecule also runs daily system checks to keep everything working as expected.
Backups
Molecule backs up data in near real time and performs nightly full backups. Backups are tested weekly and securely stored offsite for added protection.
Encryption at Rest
All customer data is stored in AWS and encrypted at rest, adding a strong layer of protection against unauthorized access.
Encryption in Transit
Data moving to and from Molecule is encrypted using TLS. Insecure connections are automatically redirected or blocked to keep data safe in motion.
Reliability
99.9% Uptime
Molecule consistently delivers 99.9% uptime so customers can count on uninterrupted access to their data and workflows.
Multi-AZ Deployments
Molecule runs across multiple AWS availability zones, ensuring reliability and quick recovery even if one zone goes down.
Monitoring
systems and alerts our team within seconds of any performance issues. Our dedicated operations team keeps a close eye to ensure everything runs smoothly.
No Downtime Deployments
We use rolling deployments so new updates go live without interrupting your work.
Compliance
EU-US privacy shield
Molecule is committed to protecting your privacy. We offer a Data Processing Addendum (DPA) and are completing self-certification under the EU–US Data Privacy Framework.
Independently Audited for AICPA SOC
Molecule meets AICPA SOC 1 Type II and SOC 2 Type II standards and is audited annually to verify both the design and effectiveness of our controls.
GDPR
Molecule complies with GDPR and offers data residency options in the EU or North America. Security processes are identical across all regions to ensure consistent protection everywhere.