Security that respects the boardroom

Board material is among the most sensitive information a company holds. BoardOS is built around that fact — and we are honest about what is done and what is on the road.

In place today

Passwordless sign-in

Single-use, expiring email links. No passwords to steal, phish, or reuse.

Organisation isolation

Every record is bound to your organisation. Cross-tenant access is checked on every single query.

Encryption

Traffic encrypted in transit (TLS); documents and data encrypted at rest.

Access logging

Every document view and download is recorded — who, what, when, from where.

Permanent records

Minutes, votes, notices and messages archive rather than delete. History cannot be quietly rewritten.

Role-based permissions

Secretary, chairman, member, observer — enforced on the server, not just hidden in the interface.

On the roadmap

Two-factor authentication

Additional sign-in verification for high-security boards.

Independent penetration testing

Third-party security assessment before regulated-entity rollouts.

SOC 2 / ISO 27001 certification

Formal audited certification as we scale.

Saudi data residency

In-Kingdom hosting option for CMA/SAMA-regulated organisations.

We publish this honestly: security claims you can't verify are worth nothing in a boardroom.