Security
Current security posture and roadmap items for LandingRoom.
Controls
| Area | Status | Notes |
|---|---|---|
| Encryption at rest | DONE | Cloudflare R2 default encryption is used for file storage. |
| Encryption in transit | DONE | HTTPS is used for data in transit. |
| Authentication | DONE | Better Auth with email and password authentication is in place. |
| Access controls | DONE | Admin and member roles are implemented; more granular RBAC is on the roadmap. |
| Backups | TBD | Backup process, frequency, restore testing, and retention are to be documented. |
| Incident response | TBD | Documented procedure available on request; final internal process is to be completed. |
| Pen testing | TBD | Independent penetration testing has not yet been completed. |
| SOC 2 | Roadmap | LandingRoom is not yet SOC 2 certified - certification is on the roadmap. |