Back to home

Security

How SNR-PMO protects your data. Last updated June 2026.

Security is built into the architecture of SNR-PMO, not bolted on. Below is an overview of the controls that protect your organization’s data.

Tenant isolation by default

Every record in the platform is scoped to an organization and enforced by database row-level security (RLS). Access rules are applied at the data layer, so application code cannot accidentally leak data across tenants. Write paths are designed to fail closed.

Authentication & access control

  • Managed authentication with email/password and OAuth sign-in.
  • Granular, role-based permissions at the organization, company, portfolio, and project levels.
  • Seat- and feature-level entitlements enforced server-side, not just hidden in the UI.

Auditability

Key actions across core tables are captured automatically by database triggers into an immutable audit log, giving administrators a clear, exportable trail for reviews and compliance.

Infrastructure

  • Hosted on managed, reputable cloud infrastructure with encryption in transit.
  • Secrets and payment credentials are stored in the platform configuration layer, never in client code.
  • Regular dependency and configuration review.

Reporting a vulnerability

If you believe you have found a security issue, please reach out through our contact page. We appreciate responsible disclosure and will respond promptly.

This overview describes the platform’s security model and should be tailored to your deployment and reviewed before sharing with customers.