Anysola is built for regulated industries; security is a product requirement, not an afterthought.
Encryption
- In transit — TLS 1.2+ everywhere, including between internal services.
- At rest — all customer data encrypted with AES-256.
- API keys — stored only as salted hashes; the plaintext key is shown once at creation and cannot be recovered.
Isolation
Workspaces are the isolation boundary. Agents, operations, integrations, API keys, and members all belong to exactly one workspace, and every API request is scoped to the workspace that owns the presented credentials.
Access control
- Workspace membership uses role-based access (owner, admin, member) — see your workspace's Members page.
- Session authentication is handled by Clerk; programmatic access uses scoped workspace API keys.
- Platform administration (Anysola staff) is separated from customer workspaces and audited.
Reporting
Security disclosures: see anysola.com/security for our policy and contact. We commit to acknowledging reports within 2 business days.