Security Overview

Modern security practices to protect your data and applications.

Last updated: November 2025

Centrali is designed with modern security practices to protect your data and applications.

Data Security

All data is encrypted **in transit (TLS 1.2+)**
All databases use **encrypted storage**
Access is restricted to authorized system services only
Workspace isolation ensures data separation between tenants

Authentication & Access Control

Workspace-based roles and permissions
Token-based API authentication
Optional MFA via supported identity providers (planned)

Network Security

Firewalls and access restrictions
Automatic denial of suspicious or abusive requests
Rate limiting on API endpoints

Backups & Redundancy

Automated data backups
Redundant storage layers
Disaster recovery procedures
Reasonable retention for deleted data

Operational Practices

Logging and audit traces for system-level activity
Limited internal access
Security updates and patches applied regularly

Responsible Disclosure

If you believe you've found a security issue, please email: security@centrali.io We appreciate responsible reporting.