Security
Security isn't a feature we added later. It's built into every layer of OparBase — from database isolation to encrypted backups.
SOC 2 Type II
Compliant
GDPR
Compliant
CCPA
Compliant
TLS 1.3
Enforced
AES-256
All data at rest
Row-Level Security
All tables
All data encrypted with AES-256 at rest and TLS 1.3 in transit. API tokens and secrets stored in encrypted vaults with automatic rotation.
Row-level security (RLS) enforced at the database layer. Every query is scoped to a tenant_id. No tenant can ever access another tenant's data, even in the event of an application-level bug.
Granular roles (Owner, Admin, PM, Dispatcher, Accounting, Designer) with configurable permissions. Users only see what they need to see.
Hosted on AWS US regions with SOC 2 Type II compliance. Regular security audits, vulnerability scanning, and penetration testing.
Database backups every 4 hours with 30-day retention. Point-in-time recovery available. Backups are encrypted and stored in a separate region.
Every status change, data modification, and user action is logged with timestamps and user IDs. Full audit trail for compliance and accountability.
Industry-standard authentication with bcrypt password hashing, session management, and optional SSO. Rate limiting on all auth endpoints.
Your data belongs to you. Export everything at any time in CSV or JSON. No lock-in, no data hostage tactics.
We're happy to discuss our security practices, provide documentation, or complete your vendor security questionnaire.
Contact our team