SECURITY
Secure by design, from day one.
Every layer of WorkVerge — from authentication to data storage to AI execution — is built with enterprise security controls and auditability.
WorkVerge security covers encryption, role-based access control, SSO integration, comprehensive audit logs, secure infrastructure, and responsible disclosure practices for enterprise IT operations platforms.
Security controls
Encryption in transit and at rest
All data is encrypted using TLS 1.2+ in transit and AES-256 at rest. API communications require HTTPS.
Role-based access control (RBAC)
Granular permissions scoped by product module, team, and role. Least-privilege access enforced across ITAM, ITSM, and DEX.
SSO and SAML authentication
Support for Google, Microsoft Azure AD, and SAML-based identity providers for seamless enterprise authentication.
Multi-factor authentication (MFA)
TOTP-based MFA with org-level enforcement policies to protect admin and employee accounts.
Comprehensive audit logs
Every asset change, access grant, ticket update, and workflow execution is logged with timestamp, actor, and context. Exportable for compliance reviews.
API key scoping
Org-scoped API keys with usage tracking and configurable scopes per integration.
Secure infrastructure
Hosted on enterprise-grade cloud infrastructure with network isolation, automated backups, and disaster recovery procedures.
Responsible disclosure
We maintain a responsible disclosure program. Report security issues to [email protected].
FAQ
Security questions
Is WorkVerge data encrypted?
Yes. All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption.
Does WorkVerge support SSO?
Yes. WorkVerge supports Google OAuth, Microsoft Azure AD, and SAML-based single sign-on for enterprise identity providers.
Can I export audit logs?
Yes. Audit logs for assets, access changes, tickets, and workflows can be exported for internal compliance reviews and vendor security questionnaires.
How does WorkVerge handle AI data privacy?
WorkVie AI operates on your org-scoped data within your workspace. AI queries respect RBAC permissions and are not used to train public models.
Clear IT operations start with one step.
Most teams start with ITAM and have full asset visibility within 2 Weeks. AI surfaces the gaps, the risks, and what to prioritise from day one.