Security & Trust

Security is not an afterthought at FSM Navigator — it is foundational to everything we build. Every feature, every endpoint, and every data flow is designed with security as a first-class requirement. We continuously invest in security infrastructure, monitoring, and process improvements to stay ahead of evolving threats.

Our security program is built on five core pillars:

• Encryption everywhere — Your data is encrypted at rest and in transit, using industry-standard encryption protocols
• Strict tenant isolation — Each customer’s data is logically isolated; one customer can never access another’s information
• Principle of least privilege — Users access only the data and features required for their role
• Continuous monitoring — Automated systems detect and respond to suspicious activity around the clock
• Secure development — Our engineering team follows secure coding practices with regular security reviews

All sensitive data is encrypted at rest using bank-grade encryption standards. Our encryption infrastructure meets or exceeds the requirements set by leading financial and healthcare institutions.

All data in transit is protected with modern transport-layer encryption, ensuring that information exchanged between your browser and our servers cannot be intercepted or tampered with.

Sensitive personally identifiable information (PII) — such as names, email addresses, phone numbers, and physical addresses — receives an additional layer of field-level encryption beyond standard database-level protection. This means that individual data fields are encrypted independently, providing defense-in-depth.

Encryption keys are securely managed with automated rotation capabilities. Even in the unlikely event of unauthorized database access, encrypted data remains unreadable without the corresponding encryption keys.

FSM Navigator is a multi-tenant platform, meaning every customer’s data is logically separated from all others. This isolation is enforced at the data layer — not just the application layer — providing an additional safeguard against data leakage.

Every database query is scoped to the authenticated customer’s organization. Data can never leak across organizational boundaries, regardless of how users interact with the platform.

Session management ensures that each user’s identity is validated on every single request. There are no shortcuts or cached assumptions — authentication is verified continuously.

Impersonation features (used by our support team when assisting customers) are tightly controlled with comprehensive audit trails. Every impersonation session is logged, time-limited, and restricted in scope.

Specifically, support access sessions are governed by the following safeguards:

• Time-Limited Sessions: Support access sessions are strictly time-limited and automatically terminate after the maximum permitted duration, with no option for indefinite access.
• Restricted Operations: Sensitive operations—including financial transactions, credential changes, data deletion, and security configuration changes—are technically prohibited during support access sessions.
• Comprehensive Audit Logging: Every support access session is recorded in tamper-evident audit logs, including the identity of the support representative, the start and end times, and all actions performed.
• Administrator Notification: Account administrators are notified via email and in-app alerts when support access to their organization’s data occurs.
• Minimum Necessary Access: Support personnel can only access the specific organization’s data relevant to the support matter. Cross-tenant data access is not possible.
• Revocable Access: Support access capabilities can be revoked at any time by security administration.

For contractual provisions governing personnel data access, see our Data Processing Agreement (Section 8A).

Role-based access controls (RBAC) ensure that users only see and do what their role permits. Permissions are granular and enforced consistently across every part of the platform.

Roles include Owners, Dispatchers, Technicians, Inventory Managers, Asset Managers, and more — each with precisely scoped permissions. Whether a user can view, create, edit, or delete data depends entirely on their assigned role.

Server-side validation enforces role checks on every request. Client-side restrictions are never relied upon alone — all permissions are verified at the server before any action is processed.

Multi-factor authentication (MFA) can be enforced company-wide by organizational administrators. When enabled, all users within the organization must complete a second authentication step before accessing the platform.

Session timeouts and automatic lockouts protect unattended workstations. Sessions expire after a period of inactivity, and repeated failed login attempts trigger account lockout protections.

Our infrastructure runs on enterprise-grade cloud services with industry-leading reliability and uptime guarantees. Systems are architected for high availability with redundancy built into every critical component.

Regular security patches and updates keep all systems current. We follow a disciplined patch management process to ensure that known vulnerabilities are addressed promptly.

Automated monitoring tracks system health, performance, and security events in real time. Our operations team receives immediate alerts for any anomalous activity, enabling rapid response to potential threats.

All file uploads are automatically scanned for malware before they are stored. Infected files are quarantined and rejected immediately, protecting both our platform and your organization.

Backup systems ensure data recoverability with encrypted, geographically distributed backups. In the event of a disaster, your data can be restored quickly and completely.

Network security controls restrict traffic to only authorized sources and destinations. Firewalls, intrusion detection systems, and access control lists work together to minimize the attack surface.

All requests to the platform are encrypted in transit using modern cryptographic protocols. Sensitive payloads are additionally encrypted at the application layer, providing end-to-end protection that goes beyond standard transport encryption.

Input validation and parameterized queries prevent injection attacks. Every user-supplied input is sanitized and validated before processing, eliminating an entire class of common web vulnerabilities.

Cross-site scripting (XSS) protections are applied across all user-facing interfaces. Output encoding, content security policies, and strict input filtering work together to prevent script injection.

Rate limiting protects the platform from abuse and denial-of-service attempts. Automated throttling ensures fair usage and prevents malicious actors from overwhelming the system.

Comprehensive audit logging tracks all significant operations for forensic analysis. Every user action — from logins and data changes to configuration updates — is recorded in tamper-resistant audit trails.

Automated security scanning is part of our development pipeline. Code changes are reviewed for vulnerabilities before they reach production, and regular security assessments help us identify and address risks proactively.

We collect only the data necessary to provide the Service — nothing more. Our data collection practices are transparent and documented in our privacy disclosures.

Personal data is processed in accordance with our Privacy Policy and Data Processing Agreement. These documents describe in detail how we handle your information at every stage of its lifecycle.

We do not sell, share, or monetize your data. Your information is used solely to deliver and improve the services you have contracted for. We will never use your data for advertising, profiling, or any purpose unrelated to providing the Service.

Cookie usage is minimal and strictly functional — no advertising or tracking cookies. You can learn more about our cookie practices in our Cookie Policy.

Data retention is clearly defined, and you are always in control of your data. Individual users can permanently delete their own account at any time through the self-service option in their profile settings — no email or support ticket needed. Company owners can delete their entire company account through the company settings. When data is deleted, personal information is erased from our live systems immediately, and automated processes ensure thorough cleanup of all related records. For full details on what is retained and why, see our Privacy Policy.

FSM Navigator is designed to meet the requirements of major data protection frameworks. Our security architecture, data handling practices, and organizational controls are aligned with the following standards:

• GDPR — We provide data processing agreements, support data subject rights (access, rectification, erasure, portability), and maintain records of processing activities
• CCPA — We respect California consumer privacy rights and provide all required disclosures, including the right to know, delete, and opt out
• HIPAA — While not a covered entity, our security architecture supports compliant use cases. Please contact us if you require a Business Associate Agreement

Our subprocessors are carefully vetted and documented on our Subprocessors page. We evaluate each subprocessor’s security posture before engagement and monitor them on an ongoing basis.

We continuously evaluate new compliance requirements as they emerge and update our practices to meet evolving regulatory expectations.

We value the security research community and encourage responsible disclosure of vulnerabilities. If you discover a security issue, please report it to our security team immediately at [email protected].

We ask that you:

• Provide us reasonable time to investigate and fix the issue before any public disclosure
• Avoid accessing or modifying other users’ data during your research
• Act in good faith and avoid actions that could harm the platform or its users
• Provide sufficient detail in your report to allow us to reproduce and address the vulnerability

We will not pursue legal action against researchers who follow responsible disclosure practices and act in good faith.

We aim to acknowledge security reports within 48 hours and provide regular updates on resolution progress. We appreciate your help in keeping FSM Navigator and our customers safe.

If you have security concerns, want to report a vulnerability, or have questions about our security practices, please reach out: