Security

Effective 17 June 2026

Encryption

  • All data is encrypted in transit with TLS 1.2+.
  • All data is encrypted at rest at the database and object-storage layer.
  • Personally identifying contact fields use blind-indexing so they are searchable without exposing plaintext.

Access control

  • Every query is scoped to a single tenant by row-level security in the database — not just by application code.
  • Database roles are least-privilege; application roles cannot read across tenants.
  • Staff access to production is restricted, individually authenticated, and logged.
  • No Nelkins Properties agency staff hold a credential that can read tenant data. See Tenant Isolation.

Monitoring & resilience

  • Application errors and security events are captured (Sentry) and access logs are retained.
  • An append-only audit trail records security-relevant actions across the platform.
  • Automated database migrations run on every deploy with drift detection in CI.
  • Managed, backed-up Postgres with point-in-time recovery.

Secure development

  • Secret scanning and push protection on the source repository.
  • Dependency scanning; inputs validated at HTTP, CLI, and file-parser boundaries.
  • Secrets are held in environment configuration and are never committed.

Certifications & assurance

We are transparent about where we are. SOC 2 Type I is in progress; we will publish the report (under NDA) and a completion date here when it is issued. Penetration testing is scheduled ahead of Enterprise SSO general availability. We do not claim certifications we do not hold.

Reporting a vulnerability

Email security@nelkins-os.xyz. We acknowledge reports within two business days and will keep you updated through remediation.