NewAxiomNewAxiom

Security at NewAxiom

NewAxiom uses a workspace-scoped security model designed to reduce cross-tenant risk and protect sensitive operational data. Core controls are enforced server-side across API access, resource ownership checks, role-based authorization, and secure data handling practices during launch and customer onboarding.

Security Controls Overview

Security controls focus on tenant isolation, backend authorization, authentication, secrets handling, auditability, and safer production behavior.

Customer data is protected through encrypted transport, workspace-scoped access controls, and secure platform storage practices.

Tenant isolation
  • Protected routes enforce workspace-scoped authorization server-side.
  • Resource lookups are checked for workspace ownership before access.
  • Cross-workspace access attempts are denied and logged.
Role-based permissions
Permissions are scoped by workspace role so access to pricing operations, connectors, exports, and administrative actions can be limited according to responsibility.
  • owner
  • admin
  • manager
  • analyst
  • viewer
Authentication
Email-based secure-link sign-in is enabled for customer access. Session state is validated server-side before protected application actions are allowed.
MFA rollout status
TOTP MFA support is available for deployments that enable enhanced authentication controls. Administrative access to core cloud services is protected with MFA where supported.
Secret protection
Connector credentials are protected with encrypted-at-rest storage and are masked from API responses and application surfaces.
  • Raw secret values are not returned to clients.
  • Sensitive auth material is excluded from normal logs and UI payloads.
Uploads, imports, exports, and internal routes
Uploads, imports, exports, and internal/debug routes are protected with stricter authorization and access checks, including high-risk path restrictions and validation guardrails.
Audit logging
NewAxiom records security audit events for high-risk operations and failed authorization attempts to improve traceability and incident review.
Error handling
Production error handling is designed to reduce leakage of sensitive internal details in both API and UI responses.
Scope and follow-ups
This page summarizes NewAxiom's current security baseline. It explains the controls used today and is not a claim of certification or complete security maturity.
  • Credential lifecycle safeguards continue to be strengthened.
  • Security event review and operational processes continue to mature.
  • Additional administrative authentication controls can be enabled where supported.
For information on data handling, retention, and privacy requests, see the Privacy page.
View baseline summaryReview privacy policyRequest a security overview

Operational safeguards

NewAxiom maintains internal security and operational readiness documentation to support incident handling, backup review, and recovery testing. These controls are intended to improve response readiness and operational discipline as the platform matures.

Operational readiness
  • Incident response and breach notification procedures are maintained internally.
  • Backup and recovery coverage is reviewed for critical systems and data sources.
  • Recovery testing is tracked internally and updated as infrastructure changes.
  • Security and operational processes continue to mature as NewAxiom moves through launch and customer onboarding.

Monitoring and diagnostics

NewAxiom uses logs, audit events, and diagnostics tooling to support reliability, security review, and incident investigation. Diagnostic tooling is used to identify errors and service issues and is configured to avoid unnecessary collection of sensitive customer data.

Diagnostics controls
  • Error diagnostics support reliability triage and service issue resolution.
  • Audit events are recorded for high-risk activity and key operational actions.
  • Failed authorization attempts are monitored to support security investigation.
  • Reliability monitoring supports incident detection and response workflows.
  • Sensitive-data minimization is applied in logging and diagnostics processes.

Website analytics and marketing tags, where used, are controlled through NewAxiom's cookie consent preferences. Security-essential and service-essential technologies may remain active to operate and protect the site and services.

Need a security review?

Share your review scope and we can follow up with a controls walkthrough.

Need a security review?
We can walk through current controls, workspace scoping, data handling, and launch-stage safeguards for your evaluation.
Contact NewAxiomReview Privacy Policy