Security

Security is not an add-on: local data stays under your OS account, and premium traffic is designed around isolation, validation, and least privilege.

Desktop and local data

Local CRM data stays on your machine and follows access controls provided by your operating system account.

Premium API and cloud boundaries

When premium capabilities are enabled, API traffic is authenticated and scoped to isolate each tenant.

Security practices in place

• Premium API routes enforce tenant scoping so one customer cannot read another's data.
• Inputs are validated on the server; contracts stay typed to reduce whole classes of mistakes.
• The architecture leaves room for audited plugins and explicit permissions as the product grows.

Shared responsibility

Aurion secures the application and service boundaries, while customers remain responsible for endpoint hygiene, access policies, and local environment protection.

For critical security questions, use the contact page and include enough technical detail for triage.