Security
Security at SiteDNA
We're building SiteDNA to handle the customer data, site photos, and contract details landscape account managers deal with every day. Here's what we do today, and what's on the roadmap.
Current state
- Hosting
- AWS, via Cloudflare.
- Encryption at rest
- AES-256.
- Encryption in transit
- TLS 1.3.
- Backups
- Daily, with 30-day point-in-time recovery.
- Authentication
- AWS Cognito manages identity. Sign in with Google or email magic-link. No passwords stored on our servers.
- Least-privilege access
- Role-based access control on every object. Branch managers see their branch; account managers see their book.
On the roadmap
We focus on the fundamentals like encryption, backups, access control. We're a tight-knit team that owns every change, before we put a third-party badge on it.
- Configurable data retention policies
- Customer-managed encryption keys (Enterprise tier)
Questions or concerns
Security questions, responsible-disclosure reports, and vendor security reviews: security@sitedna.ai. We respond within one business day.