Security
How AWX protects your business.
Security is built into AWX from the beginning. The platform is designed around tenant isolation, centralized identity, explicit permissions, least privilege, and clear separation between platform administration and tenant administration.
Tenant Isolation
AWX is designed as a multi-tenant platform. Business records, contacts, financial data, workflows, resources, and communication history belong to a specific tenant. Queries and permissions are designed around tenant context.
Identity and Authorization
Identity answers who the user is. Authorization determines what the user may access within a tenant. AWX uses roles, modules, functions, access modes, approval rights, and access scopes to keep permissions explicit and understandable.
Least Privilege
Users should only receive the access needed to perform their work. Platform administration is separated from tenant administration, and tenant roles are managed within the context of the business they support.
Secure Communications
AWX uses trusted communication providers for email and messaging. Communication events can be logged for operational visibility, troubleshooting, and future audit support. SMS communications are permission-based and support opt-out instructions.
Sensitive Information
AWX is designed to avoid unnecessary duplication of regulated or highly sensitive information. Where appropriate, specialized providers may be used for payments, messaging, authentication, or other infrastructure services.
Audit and Visibility
Significant business events should be recorded so activity can be reviewed, traced, and improved over time. Communication logs, workflow status, financial events, and lead records are part of AWX's broader operating model.
Continuous Improvement
Security is not a one-time checklist. AWX is built to evolve as business needs, compliance expectations, and platform capabilities mature.
