Tenant isolation
Company data is logically separated, with access scoped by tenant, user, role, object, project, and permission.
Security and trust
Duxor is being designed around strong tenant isolation, least privilege, explicit permissions, audit history, privacy controls, careful AI confirmation, and clear data ownership.
Security foundations
This page describes product design goals and planned controls for a platform in active development. It does not claim certifications or controls that have not yet been independently validated.
Company data is logically separated, with access scoped by tenant, user, role, object, project, and permission.
Users should see only what their role and project access require, with granular visibility for internal, customer, subcontractor, and vendor information.
Important changes, approvals, AI-assisted actions, confirmations, imports, integrations, and administrative activity should be traceable.
Presence is tied to scheduled work, explicit company policy, visible permissions, active windows, device state, and clear manual fallback.
Financial, contractual, external, destructive, or high-impact actions require appropriate review instead of silent autonomous execution.
Integration adapters are separated from core business logic, with scoped credentials, validation, event history, and reconciliation where needed.
Planned technical controls
| Area | Design direction |
|---|---|
| Identity | Modern authentication, secure session handling, optional multi-factor authentication, device controls, and future single sign-on for enterprise customers. |
| Authorization | Role, project, object, audience, and module permissions with least-privilege defaults. |
| Encryption | Encryption in transit, encryption at rest through managed platform services, and secure secret storage. |
| Data isolation | Multi-tenant boundaries enforced in application and data access layers, with tenant-aware logging and testing. |
| Audit | Immutable or tamper-resistant history where appropriate for permissions, financial actions, approvals, external communication, and AI-assisted changes. |
| Files and media | Private object storage, time-limited secure access, metadata validation, retention controls, and malware scanning as the platform matures. |
| Resilience | Backups, restore testing, monitoring, alerting, incident response, and documented recovery objectives before broad commercial deployment. |
| Privacy | Clear data ownership, retention, deletion, export, and location policies aligned with customer settings and applicable requirements. |
AI accountability
Duxor is designed to create structured work, not hide operational facts inside opaque model output.
An AI-assisted action should preserve the source command or conversation, the user, time, inputs, resolved people and projects, confidence, any question asked, confirmation received, and the records or communications created.
When the system is uncertain, it should say so. When an action has consequences, it should present the proposed result before execution according to company policy.
We welcome detailed conversations with prospective design partners and enterprise teams.