Security for compliance, LMS, feedback, and People Ops records
WorkforceVault protects the records auditors ask for: acknowledgments, training transcripts, feedback cycles, manager actions, access events, and exportable evidence packets.
Control plane
Evidence trust chain
Access boundary
SSO, MFA, role permissions, and scoped sessions.
Audit ledger
Security events, admin actions, and export history.
Data protection
Encrypted storage, transfer protection, and backup controls.
Operations watch
Monitoring, review cadence, and incident response paths.
Control ledger
Security follows the same evidence model as the product.
WorkforceVault protects records that contain compliance state, training evidence, employee feedback, People Ops history, access changes, and export activity. The security surface is organized around ownership, scope, and proof.
Granular role-based access controls ensure only authorized personnel can access your data. MFA is available today, and enterprise SSO remains beta-gated until the operational flag is enabled. Operational SSO is disabled unless the beta flag is enabled.
Identity and access
Role permissions, scoped sessions, MFA policy, and SSO options (selected providers).
User ledger, access events, session state, permission review.
Workforce evidence data
Acknowledgments, LMS transcripts, feedback cycles, People Ops tasks, and export packets.
Encrypted record store, transfer protection, backup controls.
Admin operations
Platform actions, delivery history, report exports, integration changes, and support handoff.
Audit ledger, admin timeline, scoped export history.
Operational resilience
Monitoring, vulnerability review, incident response paths, and recovery checks.
Runbook owner, review cadence, response record.
Operations runbook
Security practice is visible as a working record, not a badge wall.
The platform favors boring controls that a customer can reason about: encryption, access scope, backup discipline, US-based AWS hosting, monitoring, and documented review paths.
Collect
Admin actions, access events, exports, delivery status, and integration changes are written to the operating record.
Restrict
Role scope keeps platform admins, managers, employees, partners, and implementation users in the right lane.
Review
Security reviews, access checks, backup validation, and vulnerability response stay attached to owners.
Export
Security documentation and evidence context can be assembled for customer review without rebuilding the story.
Security review
Need security documentation for a buying committee?
Send the review scope and we will route the right security, privacy, access, hosting, and evidence-export context.