How is data isolated between different organizations?

Every database row carries a tenantId column. PostgreSQL Row-Level Security policies enforce that every query — even a misconfigured one — can only return rows belonging to the current tenant. Additionally, each organization can be provisioned with full database isolation for maximum separation.

Which identity provider does Enafeedback use?

Enafeedback authenticates admin users through EnaCore Identity, an enterprise-grade OIDC provider managed by EnaCore. Authentication uses PKCE flows with a dedicated callback domain (auth.enafeedback.com). Passwords are never stored in Enafeedback itself — identity is fully delegated to the IdP.

How does the HMAC audit chain work?

Every admin action (create, update, delete, access) is appended to an immutable audit log. Each log entry includes a HMAC-SHA256 hash derived from the previous entry's hash plus the current event payload. This creates a chain: any tampering with an entry invalidates all subsequent hashes, which can be verified in real time from the admin panel.

What module-scoped roles are available?

For each module (Feedback, Hygiene, Survey) there are Admin, Operations Lead, and Field Supervisor roles. Buildings management has its own role. Additional platform-level roles include Platform Auditor (read-only audit access) and Platform Owner (full access to integrations, SMS config, team, subscription, and org settings).

Can teams in different countries access the same account?

Yes. The admin panel supports 72 languages and 8 configurable display timezones. AI-powered message translation ensures feedback submitted in any visitor language is readable by admins in their own language. All data is consolidated in one tenant regardless of physical location of team members.

Enterprise

Security and compliance built into the foundation.

Enafeedback is designed for organizations where data isolation, identity governance, and audit integrity are non-negotiable — hospitals, financial institutions, multi-site enterprises.

Contact Sales

Capabilities

Every security feature you need. None added later.

🔐

PostgreSQL Row-Level Security

Complete data isolation enforced at the database engine level. No cross-tenant data leakage even under application misconfiguration.

🪪

OIDC / SAML Identity

Enterprise identity via EnaCore Identity with PKCE flows. Module-scoped roles: feedback, hygiene, survey, cleaning, buildings, team, audit, platform owner.

🔗

HMAC-SHA256 Audit Chain

Append-only audit log with cryptographic integrity chaining per organization. Hash and chain verified on demand in the admin panel.

🔑

Encrypted Secrets at Rest

SMS provider credentials, webhook secrets, and session tokens encrypted using AES-GCM before storage in Redis.

👥

Module-Scoped RBAC

Granular roles per module: Admin, Operations Lead, Field Supervisor. Plus platform-level Auditor and Owner roles for compliance surfaces.

📋

Audit Retention Tiers

3 years on Starter, 5 years on Professional, 7 years on Enterprise. CSV export up to 5,000 rows with hash integrity verification.

ສະຖາປັດຕະກຳອົງກອນ

ອອກແບບສຳລັບສະພາບແວດລ້ອມຫຼາຍຜູ້ເຊົ່າທີ່ມີການຄຸ້ມຄອງ. (tenant) (multi-tenant)

ຄວາມປອດໄພ ແລະ ການປະຕິບັດຕາມບໍ່ແມ່ນໂມດູນທີ່ເພີ່ມພາຍຫຼັງ. ເປັນຄຸນສົມບັດໂຄງສ້າງຂອງແພລດຟອມ.

ຄວາມປອດໄພລະດັບແຖວ PostgreSQL

ແຍກຂໍ້ມູນສົມບູນທີ່ຊັ້ນຖານຂໍ້ມູນຜ່ານ RLS. ອົງກອນໃດເຂົ້າເຖິງຂໍ້ມູນອົງກອນອື່ນບໍ່ໄດ້ — ແມ້ຕັ້ງຄ່າຜິດ. ມີທາງເລືອກແຍກສົມບູນ.

ຈັດການຕົວຕນ OIDC

ຕົວຕນລະດັບອົງກອນກັບກະແສ OIDC/SAML. ບົດບາດຕໍ່ໂມດູນ: ຄຳຕິຊົມ ສຸຂາພິບັດ ສຳຫຼວດ ອາຄານ ທີມ ແລະ ກວດສອບ. ບົດບາດເຈົ້າຂອງແພລດຟອມສຳລັບພື້ນຜິວການປະຕິບັດຕາມ.

ສາຍໂຊ່ນກວດສອບ HMAC-SHA256

ການກະທຳຜູ້ດູແລແຕ່ລະຄັ້ງບັນທຶກໃນບັນທຶກກວດສອບເພີ່ມເທົ່ານັ້ນຕໍ່ອົງກອນ ກັບສາຍໂຊ່ນຄວາມສົມບູນ HMAC-SHA256. ກວດສອບ Hash ແລະ ສາຍໂຊ່ນຕາມຄຳຂໍ.

ຄວາມປອດໄພຂໍ້ມູນລະດັບໂລກ

ການເກັບຂໍ້ມູນຕິດຕໍ່ເປັນທາງເລືອກ. ບັນທຶກຄວາມຍິນຍອມຊັດເຈນເມື່ອສົ່ງ. ລະຍະເວລາເກັບປັບໄດ້. ປິດບັງຂໍ້ມູນສ່ວນບຸກຄົນກ່ອນປະມວນຜົນ AI.

Data Isolation Model

EnaCore Catalog DB→Resource Pool DB+ RLS (tenantId)→Tenant A|Tenant B|Tenant N

Enterprise Architecture FAQ

ຄວາມເຊື່ອຖືທາງເຕັກນິກ

ໂຄງສ້າງພື້ນຖານລະດັບອົງກອນ. ບໍ່ປະສົມປະສານ.

PostgreSQL RLS

ແຍກຂໍ້ມູນທີ່ລະດັບເຄື່ອງຈັກຖານຂໍ້ມູນ ຫຼື ແຍກສົມບູນແບບເລືອກ.

ສາຍໂຊ່ນກວດສອບ HMAC

ບັນທຶກກວດສອບປ້ອງກັນການແກ້ໄຂ ຕໍ່ອົງກອນ ເພີ່ມເທົ່ານັ້ນ.

ຕົວຕນ OIDC

ຕົວຕນອົງກອນ ແລະ SSO ຕາມມາດຕະຖານອຸດສາຫະກຳ.

ສອດຄ່ອງມາດຕະຖານສາກົນ

ເກັບຂໍ້ມູນເນັ້ນຄວາມຍິນຍອມ ກັບລະຍະເວລາເກັບປັບໄດ້.

ພື້ນທີ່ເກັບ Huawei OBS

ເກັບອອບເຈັກຕໍ່ອົງກອນ ພ້ອມເຂົ້າລະຫັດຂະນະພັກ.

ແພລດຟອມ EnaSpace

ການຈັດສະໜອງດ້ວຍຕົນເອງ ການເກັບເງິນ ແລະ ການດຳເນີນງານຜ່ານ EnaSpace Portal.

ເລີ່ມຕົ້ນ

ເບິ່ງ Enafeedback ໃນສະພາບແວດລ້ອມຂອງທ່ານ.

ຕິດຕໍ່ມາ — ພວກເຮົາຈະທົບທວນການຕັ້ງຄ່າ ໂມດູນ ແລະ ການກຳນົດຄ່າ Enterprise ຮ່ວມກັນ.

ຄວາມປອດໄພລະດັບແຖວ PostgreSQL

ສາຍໂຊ່ນກວດສອບ HMAC-SHA256

ຄວາມປອດໄພຂໍ້ມູນລະດັບໂລກ

Google Gemini AI