Security & trust

Built for the standard IT holds everyone else to

You audit your clients' security posture for a living. synchros is built to pass the same bar - isolation, access control, and auditability at the core.

Mandatory two-factor authentication

TOTP two-factor is required on every account, on every plan - no opt-out. A knowledge base holding client credentials and runbooks demands it.

Bot & credential protection

Sign-in is protected by hCaptcha, and passwords are checked against known-breach lists and strength requirements, so weak or compromised credentials never get in.

Row-level isolation (RLS)

Every workspace is logically isolated by Postgres row-level security, so one customer's knowledge is never visible to another.

Delegated, role-based access

Granular control over who can read, create, edit, and publish - delegated from the master to per-client managers, scoped by client Space and narrowed further by tag.

Encryption in transit & at rest

TLS everywhere; data encrypted at rest by the underlying platform.

SSO / SAML

Single sign-on with Entra ID (Azure AD) and Okta, with domain-based routing.

Audit log & versioning

Every change is recorded - who, what, and when - with the ability to roll back.

Secret detection & redaction

Passwords, keys, and tokens are detected and stripped on import and flagged in articles, so credentials never leak into the knowledge base.

Client data separation (MSP)

Per-client Spaces keep each customer's knowledge cleanly separated and access-scoped.

Data residency options

Workspaces run in the US by default; EU, UK, Canada, and Australia regions are available for Enterprise.

Least-privilege service access

Backend access follows least privilege; secrets are never exposed to the client.

Compliance & reviews

Security is engineered into synchros from the ground up, aligned to ITIL knowledge-management standards and the controls enterprise IT teams expect: isolation, access control, encryption, and auditability by default. We're built for your procurement process, so send your security questionnaire or framework requirements and our team turns them around fast.

Security · synchros