Authentication & Access
SSO via Okta, OneLogin, Auth0: Integrate with your existing identity provider for centralized authentication.
Enforced SSO: Require all workspace members to authenticate through SSO, disabling alternative sign-in methods.
Role-based access controls: Define granular permissions for admins, editors, contributors, and viewers.
Session management: Set session timeout policies and manage active sessions.
Data Protection
AES-256 encryption at rest: All stored data is encrypted with AES-256.
TLS 1.2+ encryption in transit: All data in transit is protected with TLS 1.2 or higher.
Automated backups: Regular automated backups with disaster recovery procedures.
Data residency options: Discuss data location and residency requirements with your account manager.
Compliance
SOC 2 Type II: Audited security, availability, and confidentiality controls.
ISO 27001: Certified information security management system.
PCI DSS: Payment Card Industry Data Security Standard compliance.
GDPR: Full compliance with the EU data privacy regulation.
Monitoring & Incident Response
Enterprise accounts include audit logging, activity monitoring, and a dedicated incident response process with prompt notification of any security events.
