Security and trust
Security posture that matches an enterprise-facing entry point.
GlossaryQ is designed for tenant isolation, explicit administrative controls, public-safe operational reporting, and identity-aware entry flows. This page summarizes the public trust model without exposing private tenant detail.
Tenant separation and platform boundaries
Tenant workspaces are isolated from each other and kept behind tenant-specific domains. Public entry, onboarding, and operator-controlled administration stay on platform-owned domains so identity-sensitive routing and shared platform controls remain centralized.
Access controls
- Workspace discovery happens before tenant sign-in so users can be routed safely into the correct authentication boundary.
- Local privileged and administrative access requires stronger controls such as MFA where policy applies.
- Audit trails capture sensitive operational actions so platform and tenant administration remain reviewable.
Recovery, provisioning, and public-safe status
Password recovery stays tenant-local after the base domain resolves the correct workspace. Tenant provisioning status is exposed through controlled public messaging, and service-level incident visibility is handled through the public status page rather than private tenant data leakage.
How to evaluate the public trust surface
Use the status page for operational signals, the privacy notice for data-handling scope on the base domain, and the terms page for service-use expectations. Together they provide the baseline public material typically expected during procurement and security review.