Security Overview

This guide explains the public-facing security expectations for using Irmaya and the operational practices workspace owners should follow.

Security Overview

This guide explains the public-facing security expectations for using Irmaya and the operational practices workspace owners should follow.

Overview

Security in Irmaya is about protecting workspace access, handling customer information carefully, and limiting who can perform sensitive actions.

This page focuses on:

  • access management
  • workspace-level security habits
  • operational data handling
  • security-related review practices

What This Guide Covers

Use this page to understand:

  • how to think about roles and access
  • what security habits your team should follow
  • how to reduce risk in daily operations

This page does not claim third-party certifications or legal coverage beyond what has been explicitly documented elsewhere.

Access Management

Controlling who can access the workspace is one of the most important security practices.

Good access habits include:

  • using strong passwords
  • enabling extra account protection when available
  • reviewing team access regularly
  • removing access that is no longer needed

Data Handling

Teams should be intentional about the customer and business information they place in Irmaya.

Recommended practices:

  • store only the information needed for the workflow
  • limit access to sensitive content
  • review who can view or change important settings
  • avoid sharing confidential information too broadly inside the workspace

Operational Review

Security is not only about settings. It also depends on review habits.

Useful review routines include:

  • checking which team members still need access
  • reviewing configuration changes carefully
  • watching for unusual activity or unexpected behavior
  • confirming that sensitive workflows are handled by the right people

Backup and Recovery Planning

Workspace owners should decide ahead of time how important information will be preserved and recovered if needed.

At a minimum, teams should:

  • know what information matters most
  • understand which exports or records they rely on
  • document who is responsible for recovery decisions

Security Checklist

Use this checklist as a simple operational review.

  • strong password practices are in place
  • team access is reviewed regularly
  • high-impact permissions are limited
  • sensitive information is handled carefully
  • recovery and export expectations are understood internally

Common Questions

Who should have admin-level access?

Only trusted workspace owners or administrators who need to manage settings, permissions, and sensitive operational workflows.

How often should access be reviewed?

Review access whenever the team changes and also on a regular schedule for ongoing workspaces.

What should be treated as sensitive?

Customer information, internal business material, privileged settings, and anything that could create risk if shared too broadly.

Related Guides