Security at Letaro

How AI Cloud Solutions t/as Letaro approaches tenant isolation, role-based access, audit logs, sessions, webhook verification, backups, integrations, and custom feature release checks.

Security

AI Cloud Solutions t/as Letaro treats tenant isolation, access control, auditability, secure billing events, and operational monitoring as core platform requirements.

Summary

  • Role-based access controls should limit staff actions to authorised agency roles and module entitlements.
  • Tenant isolation checks should be enforced on backend requests, data access paths, portal workflows, reports, exports, and automation jobs.
  • Portal users should remain scoped to the authenticated tenant, owner, tenant, property, lease, or communication context they are permitted to access.
  • Audit logs should capture important trust accounting, finance, portal, billing, workflow, and security events without exposing passwords, tokens, card data, or raw secrets.
  • Authentication should support secure sessions, password controls, two-factor authentication pathways, and defensive handling of failed or suspicious sign-in attempts.
  • Stripe webhook signatures must be verified before subscription, checkout, or provisioning changes are trusted.
  • AI, email, SMS, and integration jobs should use scoped credentials, conservative logging, retry controls, and clear failure states.
  • Security-sensitive configuration belongs in environment settings or managed secrets, not in public repositories or client-side code.
  • Backups, restore rehearsals, migration checks, and release verification should be maintained so operational recovery paths are tested.
  • Custom features and integrations should include security review for tenant isolation, permissions, validation, logging, and data retention before release.
  • Customers should promptly report suspected unauthorised access, exposed credentials, or security issues to info@letaro.com.au.
  • Security documentation is updated as Letaro matures and should be reviewed alongside customer contracts, privacy materials, and implementation scope.