🔒 Enterprise Security
Security at FieldZenPro
Last Updated: March 2026
Security is not an afterthought at FieldZenPro — it's built into every layer of our platform. Here's how we keep your business data safe.
🔠Authentication & Access Control
- JWT-based stateless authentication with short-lived tokens
- Role-based access control (Admin, Manager, Engineer, Technician, Customer)
- Multi-tenant data isolation — one tenant can never access another's data
- Password hashing using industry-standard bcrypt
🔑 Secrets & Key Management
- All secrets managed via Azure Key Vault — never stored in code or config files
- Digital signature keys for quotations are rotated and stored securely
- Payment processing handled exclusively by Stripe (PCI-DSS compliant)
🌠Transport Security
- HTTPS enforced across all endpoints — no plain HTTP connections
- TLS 1.2+ required for all API communications
- Azure-managed SSL certificates with automatic renewal
📋 Audit & Compliance
- Immutable audit logs on every data-changing action — who, what, and when
- Full traceability from quote creation to invoice payment
- Azure SQL with automated backups and point-in-time restore
Report a Vulnerability
If you discover a security vulnerability, please report it responsibly to fieldzenpro@gmail.com. We take all reports seriously and will respond within 48 hours.