Skip to content

Security

Enterprise-grade by default.

Security isn't a feature — it's the foundation. Here's what we do to keep your institution's data safe.

Multi-tenant RLS

Every table is scoped by organization and protected by row-level security policies enforced at the database layer.

Enterprise RBAC

14 default roles and 110+ granular permissions. Clone, extend and audit every role.

Encryption in transit & at rest

TLS everywhere. Postgres data at rest is encrypted by our infrastructure providers.

Audit logging

All mutations pass through a central audit pipeline for compliance and forensics.

Backups & recovery

Automated daily backups with point-in-time restore. Manual snapshots on demand.

Least privilege

Session tokens are scoped, secrets are never exposed to the browser and impersonation is disabled.

Report a vulnerability to security@edumesh.app. We respond within one business day and publicly credit responsible disclosures.