Security
Effective 17 June 2026
Encryption
- All data is encrypted in transit with TLS 1.2+.
- All data is encrypted at rest at the database and object-storage layer.
- Personally identifying contact fields use blind-indexing so they are searchable without exposing plaintext.
Access control
- Every query is scoped to a single tenant by row-level security in the database — not just by application code.
- Database roles are least-privilege; application roles cannot read across tenants.
- Staff access to production is restricted, individually authenticated, and logged.
- No Nelkins Properties agency staff hold a credential that can read tenant data. See Tenant Isolation.
Monitoring & resilience
- Application errors and security events are captured (Sentry) and access logs are retained.
- An append-only audit trail records security-relevant actions across the platform.
- Automated database migrations run on every deploy with drift detection in CI.
- Managed, backed-up Postgres with point-in-time recovery.
Secure development
- Secret scanning and push protection on the source repository.
- Dependency scanning; inputs validated at HTTP, CLI, and file-parser boundaries.
- Secrets are held in environment configuration and are never committed.
Certifications & assurance
We are transparent about where we are. SOC 2 Type I is in progress; we will publish the report (under NDA) and a completion date here when it is issued. Penetration testing is scheduled ahead of Enterprise SSO general availability. We do not claim certifications we do not hold.
Reporting a vulnerability
Email security@nelkins-os.xyz. We acknowledge reports within two business days and will keep you updated through remediation.