Diocese.IO

Security

Security practices for the Diocese Fleet

Security First

  • Tenant isolation at the Kubernetes namespace level
  • JWT-based authentication with secure token management
  • RBAC-enforced access control
  • CORS validation for all API endpoints
  • Encrypted data at rest and in transit
  • Audit logging of all system actions