Security
CustomerNode is a multi-tenant SaaS platform. Our security program is built around independently audited controls, least-privilege access, and defense-in-depth infrastructure. This page summarizes key operational and technical controls.
SOC 2 Type I
CustomerNode maintains a SOC 2 Type I report covering the Trust Services Criteria relevant to a multi-tenant SaaS platform. A public redacted version is available to view and download. The unredacted version — including subservice organization identities and architectural detail — may be made available to current and prospective customers during security review.
Infrastructure security
Production infrastructure runs in cloud environments whose controls are independently audited. Administrative access to production systems is restricted and controlled through authenticated management paths. Public-facing endpoints sit behind a managed edge layer that performs TLS termination and traffic filtering.
Encryption
- In transit: all customer traffic is encrypted using TLS 1.2 or higher.
- At rest: customer data stored in production databases and object storage is encrypted at rest.
- Field-level: sensitive fields are additionally encrypted at the application layer where appropriate.
- Secrets: production credentials and API keys are managed separately from source code.
Access controls
- Production access is restricted to a small number of authorized personnel on a least-privilege basis.
- All employee access requires multi-factor authentication.
- Access is granted by role and reviewed periodically. Departing personnel are de-provisioned promptly.
- Customer-facing authentication supports password + MFA and SSO via OAuth providers where configured.
Tenant isolation
CustomerNode is a multi-tenant platform. Tenants share infrastructure but are logically isolated at the application layer. Every privileged endpoint enforces a permission check that evaluates the requesting user's tenant membership and role before returning data. Internal testing includes a permission-matrix suite that exercises cross-tenant access patterns to verify that one tenant cannot read or modify another tenant's data.
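As an added illustration of the permission check and permission-matrix testing described above (this is not CustomerNode's code; the role names, tenant IDs, and function names are hypothetical), the following sketch runs a deny-by-default tenant-and-role check and a deliberately flawed role-only check through the same cross-tenant matrix:

```python
from dataclasses import dataclass
from itertools import product

# Hypothetical role -> permitted actions table (assumption, not the platform's roles).
ROLE_ACTIONS = {"admin": {"read", "write", "delete"},
                "member": {"read", "write"},
                "guest": {"read"}}
ACTIONS = ("read", "write", "delete")

@dataclass(frozen=True)
class User:
    user_id: str
    memberships: tuple  # ((tenant_id, role), ...)

@dataclass(frozen=True)
class Resource:
    resource_id: str
    tenant_id: str

def is_allowed(user, resource, action):
    """Deny by default: allow only when the user holds a role in the
    resource's own tenant and that role grants the action."""
    for tenant_id, role in user.memberships:
        if tenant_id == resource.tenant_id:
            return action in ROLE_ACTIONS.get(role, set())
    return False

def role_only_check(user, resource, action):
    """Flawed variant for contrast: honours the role but ignores the
    tenant in which that role was granted."""
    return any(action in ROLE_ACTIONS.get(r, set()) for _, r in user.memberships)

def cross_tenant_violations(check, users, resources):
    """Walk every (user, resource, action) cell and collect the cells where
    `check` grants access to a tenant the user does not belong to."""
    violations = []
    for user, res, action in product(users, resources, ACTIONS):
        member_of = {t for t, _ in user.memberships}
        if res.tenant_id not in member_of and check(user, res, action):
            violations.append((user.user_id, res.resource_id, action))
    return violations

# Constructed sample data for the matrix.
USERS = [User("alice", (("tenant-a", "admin"),)),
         User("bob", (("tenant-b", "member"),)),
         User("carol", (("tenant-a", "guest"), ("tenant-b", "member")))]
RESOURCES = [Resource("doc-a1", "tenant-a"), Resource("doc-b1", "tenant-b")]

if __name__ == "__main__":
    print("tenant-aware:", cross_tenant_violations(is_allowed, USERS, RESOURCES))
    print("role-only:   ", cross_tenant_violations(role_only_check, USERS, RESOURCES))
```

A user with memberships in two tenants (carol here) is the case worth keeping in the matrix: her role in one tenant must not carry over to resources in the other.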
Logging & monitoring
- Application, authentication, and admin actions are logged with user, tenant, and timestamp.
- Security-relevant logs are retained and protected against unauthorized modification.
- Anomalous authentication and access patterns trigger internal alerts.
- Customer-visible audit logs are available within the application for actions on customer data.
Backup & recovery
Production data is backed up on a regular schedule. Backups are encrypted and stored separately from primary infrastructure. We periodically test restoration procedures to validate recovery objectives.
Secure SDLC
- All code changes are peer-reviewed before merge.
- Automated tests, type checks, and security scans run on every change.
- The codebase enforces tenant-scoped query patterns; deviations are caught by automated lint and test rules.
- Dependencies are tracked and reviewed for known vulnerabilities on every build.
Vulnerability management
We monitor for known vulnerabilities in our own code and in third-party dependencies. Critical and high-severity issues are remediated on an expedited timeline; lower-severity findings are prioritized within standard release cycles. Security researchers may report vulnerabilities under our Vulnerability Disclosure Program, which describes scope, safe harbor, response timelines, and coordinated disclosure.
Shared responsibility
Security on a multi-tenant SaaS platform is a shared model. CustomerNode operates the platform; tenant administrators configure it for their organization. Both sides have responsibilities, and gaps on either side weaken the overall posture.
CustomerNode is responsible for
- Physical and infrastructure security of the underlying cloud environment (via audited subprocessors).
- Platform code, including authentication, permission enforcement, and tenant isolation.
- Encryption in transit and at rest.
- Patching of platform components and dependencies on a defined cadence.
- Detection and response for platform-level security events.
- Backup, recovery, and business continuity of the platform.
- Notification of security incidents affecting customer data per the Data Processing Addendum.
The customer (tenant) is responsible for
- Choosing strong authentication for users (MFA, SSO where applicable) and protecting end-user credentials.
- Provisioning and de-provisioning users in their organization — particularly removing access when staff leave.
- Assigning roles and permissions appropriate to each user's job function.
- Configuring tenant-level privacy and sharing settings (e.g. guest sharing, generative AI enablement) consistent with their own policies.
- Managing the integrations they install and the third-party credentials those integrations use.
- Reporting suspected unauthorized access or unusual account activity promptly to [email protected].
- The legality and appropriateness of customer data uploaded to the platform.
Continuous controls
Security controls are reviewed and updated continuously as the platform evolves. Access reviews, credential rotation, vendor reviews, and infrastructure hardening are performed on an ongoing basis.