Security Guidelines

This aims to provide a basic practical guidance to ensuring that your applications are secure and compliant.

Initiating Digital Projects and Integrations

All digital assets (including all promotional websites) and integrations to Sargon must be reported to Sargon through Sargon Arcadia so that it can be appropriately assessed, monitored and supervised. When reporting, please include the following information:

  • Business overview
  • Anticipated timelines
  • Intended URLs of the digital assets
  • Integrations (if any)
  • Intended disclosures

Serverless Architecture

Sargon recommends that digital assets employ a serverless architecture to our API to benefit from significantly reduced operational cost, complexity, and engineering lead time. To reduce security and compliance complexities, where possible, UI implementations should connect directly to the Sargon API any proxies or "thin" backends.

Where data is required, Sargon can provide an alternative data warehousing solution to reduce the need to create and maintain a backend.

Please contact to learn more.

Deployment Timeframe Guidelines

For deployments to production, we anticipate a timeframe of at least 2 to 4 weeks for a security and compliance review, which may entail:

  • Security review on the implementation of the API
  • Compliance review on all disclosure including UI interactions
  • Compliance review on change management and processes

Sargon can introduce independent security providers to efficiently assist with the review. Alternatively, you can also opt to nominate an independent security provider and provide the appropriate evidence that satisfies the appropriate regulatory guidelines:

Please contact to learn more.


The digital asset will be monitored on a periodic basis as approriate and may need to undergo ongoing security assessments to ensure that we are upholding our fiduciary duties to end-customers.

Copyright © Sargon. All Rights Reserved.