Users receive only the permissions required for their role, with administrative access reserved for approved operators.
Security for data that runs your business.
PiERP is designed around controlled access, tenant separation, encrypted storage and recovery-first backup protection. The goal is simple: protect business data, make every workspace accountable and keep recovery possible when something goes wrong.
Demo, test and production data are intentionally isolated so customer workspaces remain distinct and controlled.
Backups, snapshots and archive-first cleanup are treated as operating controls, not as afterthoughts after data has already been changed.
Edge Protection
The production standard is to run PiERP behind Cloudflare for full HTTPS delivery, web application firewall (WAF) protection and DDoS mitigation, while keeping the origin server IP private.
Enterprise Identity
AWS Cognito provides the production identity layer with OAuth 2.0, OIDC and SAML 2.0 support, along with optional MFA enforcement for administrator accounts.
Role-Based Access Control
PiERP includes a role permission matrix, and administrators can configure each role independently in the UI without requiring engineering involvement.
Tenant Isolation
Each demo workspace is assigned its own PostgreSQL schema and database role. The application connects each environment only to its assigned storage namespace, keeping customer workspaces separate.
Audit Trail
The audit trail is a roadmap control: it will record data changes with the operator, timestamp and before-and-after values so activity can be reviewed and traced later.
Network Isolation
The database is not exposed to the public internet. Only application servers can reach it, and SSH access is limited to administrator IPs with key-based authentication.
Encrypted Storage & Secrets
RDS PostgreSQL data is encrypted at rest. The production standard is to manage database credentials, SMTP passwords, API keys and maintenance tokens through AWS Secrets Manager or AWS Systems Manager Parameter Store.
Recovery-First Cleanup
Demo lifecycle cleanup archives tenant schemas instead of dropping them. Before destructive cleanup, PiERP requires a database safety snapshot; if the snapshot cannot be created, cleanup is stopped.
Backup & Restore Windows
Production deployments use automated RDS backups, manual restore points before major changes and point-in-time recovery within the configured retention window.
Backups are part of the workflow, not an afterthought.
PiERP is designed so risky operations create a recoverable checkpoint before they continue. This applies especially to demo lifecycle cleanup, customer migration, historical imports and production deployment changes.
- Before cleanup: create a database snapshot; stop cleanup if the snapshot fails.
- Before major imports: create a manual restore point and show exactly which environment and schema receives the imported data.
- During deletion: archive tenant schemas instead of permanently dropping them through normal application cleanup.
- For production: keep automated backups for 14-30 days after the AWS production account is enabled, and test point-in-time recovery on a regular schedule.
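The cleanup rules in this list, together with the exclusion of permanent administrator environments from recycling, can be written as a guard around the archive step. The sketch below is an added illustration, not PiERP's own code: the function names, the schema naming rule and the `archived_` prefix are assumptions, and the snapshot and SQL calls are injected stand-ins so the logic runs without a database.

```python
import re
from datetime import datetime, timezone

# Assumed naming rule (not from PiERP). 39 characters at most keeps the
# archived name within PostgreSQL's 63-byte identifier limit.
SCHEMA_RE = re.compile(r"[a-z][a-z0-9_]{0,38}")


class CleanupAborted(Exception):
    """A precondition for destructive cleanup was not met."""


def cleanup_demo_schema(schema, permanent, take_snapshot, run_sql, now=None):
    """Archive one demo tenant schema; this path never issues DROP.

    take_snapshot() returns a snapshot id or raises; run_sql(stmt) executes
    one statement. Both are hypothetical hooks supplied by the caller.
    """
    if not SCHEMA_RE.fullmatch(schema):
        raise CleanupAborted(f"unexpected schema name: {schema!r}")
    if schema in permanent:
        raise CleanupAborted(f"{schema} is a permanent environment")
    try:
        snapshot_id = take_snapshot()
    except Exception as exc:
        # Snapshot failure stops cleanup before any SQL is sent.
        raise CleanupAborted(f"safety snapshot failed: {exc}") from exc
    if not snapshot_id:
        raise CleanupAborted("safety snapshot returned no identifier")
    stamp = (now or datetime.now(timezone.utc)).strftime("%Y%m%d%H%M%S")
    target = f"archived_{schema}_{stamp}"
    # The name was validated above, so quoting it as an identifier is safe.
    run_sql(f'ALTER SCHEMA "{schema}" RENAME TO "{target}"')
    return {"snapshot": snapshot_id, "archived_as": target}
```
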
Operational data safeguards
Security is not only infrastructure. PiERP also uses operating rules that reduce the chance of accidental loss and make recovery practical when action is needed.
Historical imports report success counts, skipped rows and skip reasons. Major imports should be paired with a manual restore point before data is changed.
Permanent administrator environments are excluded from warm-demo recycling. Claimed demo environments are tracked separately from disposable warm capacity.
Customer workspaces are designed so data can be exported, reviewed and migrated instead of being locked into an opaque system.
Security status you can read plainly.
We keep security communication precise. Product capabilities are separated from production infrastructure standards and planned controls so the current status is clear at a glance.
Available in the PiERP application or customer demo architecture now.
Infrastructure and identity controls required before a formal customer production deployment.
A defined product control that is not yet represented as an active feature in the current demo.
Security coverage checklist
Each control is called out explicitly so customers can review the current product state and the production standard without guessing which layer a control belongs to.
- Edge Protection (Cloudflare) - Production-standard full HTTPS delivery, web application firewall (WAF) protection and DDoS mitigation, with the origin server IP kept private.
- Identity Authentication (AWS Cognito) - Enterprise identity services with OAuth 2.0, OIDC and SAML 2.0 support, plus optional MFA enforcement for administrator accounts.
- Role Permission Matrix (RBAC) - Administrators can configure permissions for each role independently in the UI without involving engineering.
- Tenant Isolation - Each customer workspace uses isolated database storage, and production deployments can extend this with strict server-side tenant filters where shared services are used.
- Audit Log - Planned product control to record data changes with the operator, timestamp and before/after values for later traceability.
- Network Isolation - The database is not exposed to the public internet. Only application servers can reach it, and SSH access is limited to administrator IPs with key-based authentication.
- Encrypted Storage - RDS PostgreSQL data is encrypted at rest, with production secrets managed through AWS Secrets Manager or AWS Systems Manager Parameter Store.
- Backup & Recovery - Production deployments use automated RDS backups, manual snapshots before major operations and point-in-time recovery within the configured retention window.
- Safe Demo Lifecycle - Demo cleanup archives storage and requires a safety snapshot before destructive actions proceed.
Responsible security assurance
No responsible software provider should claim that data loss is impossible. PiERP instead commits to layered protection: private networking, encrypted storage, isolated customer workspaces, least-privilege access, backup checkpoints and tested recovery procedures.