Trust & Security

Security

How ServicePulse at servicepulse.tech handles tenant boundaries, access control, and security reporting. This page describes direction and current practices. It is not a certification statement.

Last updated: July 7, 2026

Security approach

Security work is part of the product roadmap, not a paragraph we add after the fact.

ServicePulse is being built as a multi-tenant PSA. That means tenant boundaries, permission checks, and audit trails have to be treated as core product work.

ServicePulse is developed and supported by Cognify Works. This page explains our security direction in plain language. It does not represent a warranty, audit opinion, or certification. We do not claim SOC 2, HIPAA, ISO, or other compliance certifications here unless Cognify Works publishes them separately.

Tenant isolation

Each MSP workspace is scoped to an organization. Companies, tickets, time entries, billing records, and settings belong to that tenant.

  • Application logic associates records with a tenant organization.
  • Server-side authorization checks enforce organization boundaries on product routes and APIs.
  • Public marketing pages and lead forms are separated from tenant product data at the routing layer.

Role-based access

Not every user in a workspace should see or change everything. ServicePulse uses role-based permissions to limit administrative, operational, and read-only actions within a tenant.

  • Workspace roles control access to settings, billing, sales, service desk, and other modules.
  • Permission checks run server-side, not only in the browser.
  • API access, where enabled, uses scoped credentials with the same permission model.

Session protection

Staff access to ServicePulse requires authentication. Protected workspace routes validate the session before serving product pages or API responses.

  • Sign-in establishes a session tied to the user and workspace membership.
  • Unauthenticated requests to protected routes are rejected or redirected.
  • Customer portal access, where enabled, uses a separate authentication path from staff workspace login.

Audit and activity history

Accountability matters in a PSA. ServicePulse records security-relevant events and maintains activity history on core records where implemented.

  • Security events cover authentication and permission-sensitive actions where logged.
  • Activity history on clients, tickets, quotes, and projects helps teams see what changed.
  • What is logged and how long it is retained may depend on configuration and product version.

If you need detail for a security questionnaire, ask during evaluation and we will answer based on what is live in your environment.

File access boundaries

Attachments and uploaded files should not be reachable without authorization. ServicePulse stores files using configured storage drivers and checks access before serving downloads.

  • Uploads are tied to workspace records, not public URLs by default.
  • Download paths require appropriate authorization within the workspace.
  • Upload limits and blocked file types can be configured by administrators where supported.

Platform admin separation

Tenant workspace administration is separate from platform-level administration operated by Cognify Works. Cross-tenant access is limited to what platform operations require for support, deployment, and incident response.

We treat platform admin access as a controlled capability, not a back door around tenant boundaries.

Ongoing security hardening

ServicePulse is still evolving. Security controls, logging depth, and operational practices continue to improve as the product and customer base grow.

  • Authorization and tenant isolation are treated as ongoing product requirements, not one-time setup.
  • Security-relevant changes are reviewed as part of normal development.
  • Customers evaluating ServicePulse can ask what is implemented today versus planned next.

Responsible disclosure

If you believe you have found a security issue affecting ServicePulse, report it responsibly so we can investigate.

Email hello@cognifyworks.ai with a description of the issue, steps to reproduce, and any relevant logs or screenshots. Please do not publicly disclose unresolved vulnerabilities without coordinating with us first.

Contact

Security questions, questionnaire requests, or disclosure reports: hello@cognifyworks.ai

ServicePulse is developed and supported by Cognify Works.