Enterprise-grade protection for mission-critical field data β from device encryption to identity federation, every layer secured and auditable
Security built into every layer β data at rest, data in transit, identity, access, compliance, and device integrity
All field data stored in the local SQLite database is encrypted at rest using AES-256-GCM with device-bound keys derived from the device secure enclave. All data in transit is protected with TLS 1.3 minimum β TLS 1.2 is explicitly disabled. No field record, photo, or certificate is ever stored or transmitted in cleartext.
Authentication is delegated to any OIDC-compliant identity provider via MSAL 4.x on mobile and MSAL.js on the web. Primary support for Microsoft Entra ID (formerly Azure AD) and Okta, with generic OIDC configuration for any compliant IdP. Authorization Code Flow with PKCE on all clients β no implicit flow, no client secrets in mobile apps.
Fine-grained RBAC enforced at the API route, feature service query, and UI component level. Built-in roles: Field Inspector, Supervisor, Dispatcher, Contractor, Analyst, Tenant Admin, Platform Admin. Custom role definitions allow organizations to craft permission sets matching their org structure. RBAC decisions are logged for every protected resource access.
MFA is enforced via the OIDC provider β Entra ID Conditional Access policies can require MFA based on location, device compliance, or risk signal. Supported second factors include TOTP authenticator apps, push notifications (Microsoft Authenticator, Okta Verify), and FIDO2 hardware security keys (YubiKey, etc.).
Every create, read, update, and delete action on protected resources generates an immutable audit log entry containing: actor identity, role at time of action, tenant ID, affected resource ID, change delta, timestamp (UTC), device ID, app version, and GNSS position (when action originated from the mobile app). Logs are append-only and exportable for regulatory review.
Microsoft Intune Mobile Application Management (MAM) policies: data-at-rest encryption, clipboard restriction, screenshot prevention, mandatory PIN on app launch, and remote wipe of app data. Jamf Pro managed configuration profiles deliver pre-deployment settings. Conditional Access policies block unmanaged or non-compliant devices from API access.
Architecture-level privacy controls: data residency selection (EU / US / custom), right-to-erasure workflows that cascade deletion across mobile, API, and evidence storage, structured data export (Article 20 portability), consent management for analytics telemetry, and data retention policies with automated expiry enforcement.
Certificate pinning prevents man-in-the-middle attacks on mobile API calls. Root/jailbreak detection blocks the app from running on compromised devices. App integrity attestation (Play Integrity API on Android, Windows Package Identity on Windows) validates the app binary has not been tampered with before sensitive operations are permitted.
Algorithms, protocols, and compliance standards in detail
Integrates with the enterprise security stack your organization already runs
Conditional Access, MFA, device compliance
OIDC federation, Okta Verify MFA, lifecycle mgmt
MAM/MDM policies, conditional access, app config
Managed app config profiles, compliance checks
Hardware security key MFA via OIDC provider
SIEM integration via structured log export
Security is woven into every feature β not bolted on
AES-256 local storage, MSAL auth, MDM policies
Token validation, RBAC middleware, audit pipeline
PKCE auth, role-scoped UI, session management
GNSS-stamped audit trail on every inspection action
GNSS position embedded in all audit log entries
Review the security architecture with your InfoSec team β we provide full documentation and threat model