Security

Last updated: February 1, 2025

Infrastructure

EyeTea is hosted on Vercel and AWS infrastructure with data stored in MongoDB Atlas. All environments run in SOC 2 Type II certified data centers with physical access controls, redundant power, and 24/7 monitoring.

Encryption

All data is encrypted in transit via TLS 1.2+ and at rest using AES-256. Database connections use TLS with certificate validation. API keys and secrets are stored in environment variables, never in source code.

Authentication & Access

User authentication is handled through OAuth 2.0 with Google. Sessions are managed with signed, HTTP-only cookies. All API endpoints require authentication and organization-scoped authorization. Role-based access control (owner, admin, member) governs what each user can do within an organization.

Agent Execution

EyeTea's AI agent runs within a sandboxed environment and can only access integrations explicitly configured by your organization. Destructive actions (MDM commands, script execution) require explicit human approval before execution. All agent actions are logged with full audit trails.

Data Isolation

Each organization's data is logically isolated at the database level. Integration credentials are scoped per organization and never shared across tenants. Agent sessions are bound to a single organization context.

Vulnerability Management

Dependencies are monitored for known vulnerabilities via automated scanning. We apply security patches promptly and follow responsible disclosure practices. If you discover a security issue, please report it to security@eyetea.ai.

Compliance

EyeTea is SOC 2 Type II ready. We are actively pursuing certification and can provide our security questionnaire responses upon request. Contact security@eyetea.ai for details.