Security and compliance built into the foundation.
Enafeedback is designed for organizations where data isolation, identity governance, and audit integrity are non-negotiable — hospitals, financial institutions, multi-site enterprises.
Capabilities
Every security feature you need. None added later.
PostgreSQL Row-Level Security
Complete data isolation enforced at the database engine level. No cross-tenant data leakage even under application misconfiguration.
OIDC / SAML Identity
Enterprise identity via EnaCore Identity with PKCE flows. Module-scoped roles: feedback, hygiene, survey, cleaning, buildings, team, audit, platform owner.
HMAC-SHA256 Audit Chain
Append-only audit log with cryptographic integrity chaining per organization. Hash and chain verified on demand in the admin panel.
Encrypted Secrets at Rest
SMS provider credentials, webhook secrets, and session tokens encrypted using AES-GCM before storage in Redis.
Module-Scoped RBAC
Granular roles per module: Admin, Operations Lead, Field Supervisor. Plus platform-level Auditor and Owner roles for compliance surfaces.
Audit Retention Tiers
3 years on Starter, 5 years on Professional, 7 years on Enterprise. CSV export up to 5,000 rows with hash integrity verification.
Built for regulated, multi-tenant environments.
Security and compliance are not bolt-ons. They are structural properties of the platform.
PostgreSQL Row-Level Security
Complete data isolation enforced at the database layer via RLS. No organization can access another organization's data — even under misconfiguration. Optional full data isolation available.
OIDC Identity Management
Enterprise-grade identity with OIDC/SAML flows. Module-scoped roles: feedback, hygiene, cleaning, survey, buildings, team, audit. Platform owner role for compliance surfaces.
HMAC-SHA256 Audit Chain
Every admin action is recorded in an append-only, per-organization audit log with HMAC-SHA256 integrity chaining. Hash and chain validity verified on demand.
Global Data Security
Contact capture is optional. Explicit consent is recorded at submission. Customizable, flexible data retention periods. PII is redacted before AI processing.
Enterprise Architecture FAQ
Enterprise-grade infrastructure. No trade-offs.
PostgreSQL RLS
Data isolation enforced at the database engine level, or optional full isolation.
HMAC Audit Chain
Tamper-evident, per-organization, append-only audit records.
OIDC
Industry-standard enterprise identity and SSO.
International standards compliant
Consent-first data collection with configurable retention.
Huawei OBS
Per-organization object storage with encryption at rest.
EnaSpace Platform
Self-service provisioning, billing, and operations via EnaSpace Portal.
See Enafeedback in your environment.
Contact us — we'll walk through setup, modules, and your enterprise configuration together.