Security Whitepaper
A consolidated overview of Workplace.io security practices and architecture for customer reviews. This document is customer-facing and
intentionally excludes proprietary analytics details.
Last updated: December 16, 2025
Executive summary
Workplace.io is a SaaS platform designed to generate organization-level culture insights from collaboration signals. Security controls are
designed around encryption, least privilege access, monitored operations, and controlled change management. Message content is processed
briefly for analysis and then removed; derived metadata and aggregates are retained for reporting.
System architecture
The application is hosted on DigitalOcean (droplets behind a load balancer, managed database). Classification and culture inference workloads
run on AWS using Amazon SageMaker, separated from the application serving layer.
Data handling
- Short-lived content: message content processed briefly and then removed.
- Derived results: structured metadata and aggregates retained for dashboards and trends.
- Workspace isolation: access scoped by workspace membership and roles.
Access control
Workplace.io uses role-based access control for administrative actions (integrations, billing, membership management, archiving).
Internal access to production systems is restricted using least privilege practices.
Encryption
Data is protected in transit using TLS and protected at rest using encryption. Integration credentials are treated as sensitive and
access-restricted.
Monitoring and incident response
We monitor service health and security-relevant signals and maintain an incident response process for triage, containment, remediation,
and customer communication when warranted.
Secure development
Changes follow a controlled release process with review, testing, and post-release monitoring to reduce risk and detect regressions.
Vendor and subprocessor transparency
We maintain a list of subprocessors and describe their roles in hosting, communications, billing, and inference workloads.