Last updated: April 17, 2026
WNY Automation Portal uses managed authentication, encrypted transport, scoped access controls, and application-layer tenant checks to protect customer data and internal operations.
Tenant boundaries are enforced in request handling and database access. Where configured, row-level security policies provide an additional isolation layer for multi-tenant workloads.
Payment processing is delegated to Stripe. Credentials and signing keys are stored in environment variables and never committed to source control.
Operational monitoring, webhook failure tracking, and audit logs are used to detect and investigate suspicious activity. Security incidents are triaged and remediated under internal response procedures.
Please report vulnerabilities to security@wnyautomation.com. Please do not disclose vulnerabilities publicly before coordinated remediation.