Security

How we protect your data and keep your organisation safe.

Security is foundational to everything we build at AssetBase. Your organisation trusts us with critical asset data, and we take that responsibility seriously. Here's how we protect it.

Infrastructure Security

AssetBase runs on Cloudflare's global edge network, providing built-in DDoS protection, Web Application Firewall (WAF), and automatic threat mitigation. There's no single-server dependency — your data is served from the nearest Cloudflare data centre worldwide.

Data Encryption

All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption. This includes your database records, uploaded files, and backups. Sensitive credentials (such as integration tokens) are stored with additional application-level encryption.

Authentication & Access Control

AssetBase enforces role-based access control (RBAC) with distinct permissions for owners, admins, and standard users. We support enterprise single sign-on (SSO) through Okta, OneLogin, Azure AD, Google Workspace, and Microsoft Teams directory integration.

Tenant Isolation

AssetBase uses a strict multi-tenant architecture where each organisation's data is logically isolated. Every API request is validated against your tenant context. There is no cross-tenant data access — your assets, people, and records are visible only to your organisation.

Audit Trails

Every significant action in AssetBase is logged in an immutable audit trail — asset creations, assignments, returns, configuration changes, and user logins. Audit logs are retained for the lifetime of your account and can be exported for compliance reviews.

Uptime & Reliability

We target 99.9% uptime powered by Cloudflare's globally distributed infrastructure with automatic failover. No single point of failure. Our systems are monitored around the clock, and incidents are communicated transparently via our status page.

Backups & Recovery

All data is automatically backed up with point-in-time recovery capability. Uploaded files are stored with redundancy on Cloudflare R2. In the event of data loss, we can restore your organisation's data to a recent state.

Responsible Disclosure

We welcome responsible security research. If you discover a vulnerability in AssetBase, please report it to security@assetbasehq.com. We commit to acknowledging reports within 48 hours and working with you to resolve issues promptly.

Have security questions?

If you're evaluating AssetBase for your organisation and need additional security documentation, please reach out. We're happy to support your vendor review process.

Contact Our Team