Our Platform



We operate a proprietary and blazing fast cloud platform powered by a custom software and orchestration layer atop hardware and bandwidth from the world’s largest infrastructure providers.

Our newest data center in New Jersey runs exclusively on record-breaking AMD Epyc and Ryzen CPUs.


  • 6 Points of Presence strategically located across the United States
  • We have Business Associate Agreements in place with every downstream provider that touches our infrastructure and each agreement is directly between the provider and Cato Systems.
  • We only use Tier 4 data centers that receive annual independent SOC audits.
  • Every disk features full-time 256-bit encryption that is always active and meets the encryption requirements of the HITECH Act.
  • Every server rack has trackable physical access restrictions that satisfy the physical security requirements of the HIPAA Security Rule.
  • All access is dns-based, which allows us to filter all customer traffic through a DDOS-protected proxy network, then through a Web Application Firewall and then through multiple application gateways and load balancers. All DNS zones are further protected by DNSSEC.
  • Every VPC and subnet inside our platform communicates over SSH tunnels on internal IP addresses that are not routable outside the network.
  • Every customer-facing portion of our platform uses TLS 1.3 certificates and multiple cryptographic algorithms. The TLS 1.3 standard was released in July 2017 and is the latest and strongest encryption standard.
  • Our entire platform only opens 6 specific ports and those are monitored fanatically. There are never any unused or unmonitored ports open.
  • We never serve email from our application or database servers. All of our platform’s email is served by third-party email providers on outside systems. There are no MX, TXT or SPF records exposing our origin data.