Security & governance

Trust isn't a feature here — it's the architecture

The same decisions that make field data reliable also make it secure: named-user attribution, no silent overwrite, and an audit trail on every action.

Controls

Security built into the spine

Named-user, least-privilege access

No shared accounts. Five roles with per-role landing pages and route guards. External supplier surveyors are scoped to only their assigned properties — they never see the rest of the portfolio.

SSO/MFA-ready authentication

Designed to wire into single sign-on, multi-factor authentication and remote revocation. Offline sign-in uses a cached identity so field work continues without a connection.

No silent overwrite

Every sync compares the pre-loaded master version against the server. Mismatches are blocked and logged as conflicts rather than overwriting either side — your master record is never quietly destroyed.

Maker-checker QA gate

Surveys are point-in-time snapshots. They only promote to the live record after an independent reviewer accepts them, with comments and a full audit of every decision.

End-to-end audit trail

Capture, photos, QA decisions and sync events are all attributed to the named user, with timestamps and device. Sync completeness distinguishes response, photo, partial and failed.

Evidence-led data confidence

Photos are bound to the exact question, component or issue — never a loose gallery. Provenance (surveyor, device, schema and question-set version) travels with the data.

Data governance

Principles that keep the record honest

The model is designed so the data can be trusted long after the survey is filed.

  • Property is the asset — Property → Components → Issues, with stable keys throughout
  • Survey snapshot is distinct from the live record; promotion is a controlled step
  • Structured before narrative — typed records with controlled codes, not free text
  • Compliance 'unknown' surfaces as an exception, never a false-green default
  • One accepted source produces both the PDF and the structured export
  • Conflict-control model designed to reconcile with external systems, not overwrite them

Bring security questions to the demo

We'll walk your information governance team through access, audit and conflict control in detail.

Book a demoExplore the platform