Tenant isolation
Designed so each customer's data is scoped to its organization across the database, cache, queues, vectors, storage, and search.
Security at iEmad
Security is built into the shared platform every module runs on. The controls below describe capabilities the platform is designed for — not legal or certification claims.
Role-based access
Provides controls for least-privilege roles, with platform administration separated from tenant administration.
Module entitlements
Module access is enforced server-side — not just hidden in navigation.
Audit trails
Sensitive actions are recorded to an append-only audit log scoped to the tenant.
Secure connector handling
Connector credentials are organization-scoped and access is governed by entitlements and permissions.
AI governance
Provides controls for AI policy, security scanning of inputs, and data-boundary handling.
Data-boundary controls
Designed to keep tenant data within its boundary; supports configurable retention.
Enterprise identity
Supports configuration for enterprise identity providers, including OIDC and SAML-style SSO and SCIM provisioning.
For governance and compliance details, see the Trust page.