← Back to Home

Security

How we keep your data safe

We Monitor and Report. We Don't Make Changes.

WorkspaceGuard is strictly a monitoring and reporting platform. We never modify your Google Workspace settings, configurations, or data. You maintain complete control over your environment at all times.

No Agents Required

WorkspaceGuard operates entirely through official cloud APIs. There is no software to install on your servers, workstations, or network infrastructure.

  • No agents, browser extensions, or local software
  • No firewall changes or network configuration required
  • Reduces your attack surface compared to agent-based solutions

Least Privilege Access

We only request the minimum permissions needed to run your configured monitoring. For Google Workspace, this means read-only access to admin settings and security reports.

  • Read-only access — we never modify your settings
  • No access to email content, documents, or user data
  • Revoke access anytime from your Google Admin console

Data Handling

We store only the data needed to provide your monitoring reports. Your data is never sold or shared with third parties.

  • We store monitoring results, not raw workspace data
  • Old results are automatically pruned after retention period
  • Your data is never sold to advertisers or data brokers

Encryption

All data is encrypted in transit and at rest using industry-standard encryption.

  • All connections encrypted with TLS 1.3
  • Database encryption at rest using AES-256
  • API credentials stored with additional encryption layer

Audit Logs

All significant actions are logged for accountability and troubleshooting.

  • User login and access events
  • Configuration changes and product activations
  • Sensitive data sanitised from logs

Infrastructure

WorkspaceGuard runs on trusted cloud infrastructure with automatic scaling and DDoS protection.

  • Hosted on Vercel with global CDN and DDoS mitigation
  • Database on Supabase with automatic backups
  • Rate limiting on all API endpoints

Responsible Disclosure

Found a security vulnerability? We appreciate responsible disclosure.

Report a Vulnerability
Privacy PolicyTerms of ServiceFAQ