Tenant isolation
Each organisation's videos, drafts, releases, training records and billing context are separated per tenant. Cross-tenant access is a design invariant, enforced in the data layer, not a configuration option.
Security & trust
Security pages usually tell you what a vendor wants you to believe. This one tells you what is actually built in, and what we deliberately do not claim yet.
Each organisation's videos, drafts, releases, training records and billing context are separated per tenant. Cross-tenant access is a design invariant, enforced in the data layer, not a configuration option.
AI operates in proposal mode: it drafts procedure steps, warnings and checklist items from task videos. A named manager must review and approve before anything reaches workers. There is no autonomous approval, publishing or billing path.
Approval creates an immutable version; training, quizzes and checklists bind to that version. What a worker trained on can always be traced to the exact approved release and its approver.
Task videos are access-controlled within the tenant. Worker-facing public links are token-scoped and served with hardened headers (no indexing, no referrers, strict content-security policy, never framed).
Public demos run on a synthetic demo tenant through a Docker-based demo lane. No real customer data is used in public demos, and we ask prospects not to share confidential data during evaluation.
SOPCam Sentinel is our roadmap for continuous assurance: automated, ongoing verification of the security and governance invariants described above, with evidence generated as a by-product of normal operation. It is a roadmap commitment — a direction we are building toward with design partners — and not a current certification or audit result.