The foundation every module runs on — fine-grained roles, fail-closed access control, a tamper-evident hash-chained audit trail, encryption at rest, multi-branch isolation, a client portal and public report verification — engineered to ISO/IEC 17025, 21 CFR Part 11, and toward ISO 27001 & SOC.
Every module reads the same permission matrix, writes to the same audit trail and honours the same branch boundaries — so security is one system, not scattered settings.
| Module | View | Edit | Approve |
|---|---|---|---|
| Samples | Yes | Yes | ✗ |
| Results | Yes | Yes | ✗ |
| Reports | Yes | ✗ | ✗ |
| Invoices | ✗ | ✗ | ✗ |
Roles, permissions and identity checks that are read fresh on every request and can never be talked around from the browser.
Start from sensible role presets or build your own, with a fine-grained view / create / edit / delete / approve permission per module.
One authorization layer guards every endpoint. The role is re-read from the database on each request — never trusted from the token — and access defaults to denied.
Each user can turn on TOTP two-factor with one-time recovery codes, and sensitive actions can demand a fresh step-up re-authentication.
Segregation of duties is enforced server-side — the person who enters a result, raises a payment or requests an approval can never sign it off alone.
The record that accreditation and audit depend on — written on every action, protected at rest, and recoverable when it matters.
An append-only, tamper-evident log of actor, IP and before / after values on every write — exportable to your SIEM and independently verifiable link by link.
Secrets, credentials and personal data are encrypted at rest, with transport secured in transit — so a stolen disk or backup file is worthless on its own.
Encrypted nightly backups with a tested restore path and a documented disaster-recovery runbook — so recovery is rehearsed, not hoped for.
Deletions go to a restoration window first, with a purge preview before anything is removed for good — and finance and audit records are protected from purge.
The same controls that lock the platform down also let you open the right doors — to branches, to clients, and to the public verifying a report.
Data is isolated per branch with its own document numbering, and each client's display name and logo can co-brand the documents they receive.
Invite external customers to a restricted portal that shows only their own reports, quotations and payments — and let them submit samples through an e-portal that is validated before it enters the lab.
Public report QR / CoA verification without login, plus role-based dashboards and permission-gated one-click Excel exports for the numbers you are allowed to see.
An in-app assistant that answers from product docs only — never customer or sample data — fail-closed to staff and rate-limited; built-in support tickets; and entitlements that switch whole modules on or off per deployment.
| Document | Type | Status |
|---|---|---|
| LV-24814 | Report | Issued |
| QT-1180 | Quotation | Sent |
| INV-0642 | Invoice | Due |
Of writes captured in an append-only, tamper-evident audit trail.
Endpoints trusted by default — access is fail-closed and re-checked every request.
Unbroken hash chain over every audit record — break a link and verification fails.
AES encryption at rest for secrets and PII, with TLS in transit.
Figures describe how the platform's controls are designed to behave; exact coverage and settings depend on your configuration, plan and deployment.
Cloud, private-cloud, on-premise and fully air-gapped deployment options exist — so the platform can sit inside your own network or offline entirely.
Each deployment runs a single lab today. Shared multi-tenant hosting is on the roadmap — it is not switched on by default, so your data stays your own.
Hooks for Oman government services — ITA PKI, eOman SSO, ePayment and OeGAF — are built in and ready to activate on a government tender. They are not live in a standard deployment.
Deployment models, the multi-tenant phase and government integrations are described as designed or planned; availability depends on your contract, environment and, for government services, an activated tender.
Through fine-grained roles — built-in or custom — with a view / create / edit / delete / approve permission per module. One central authorization layer guards every endpoint and is fail-closed: the user's role is re-read from the database on each request, never trusted from the token, and anything not explicitly allowed is denied.
The audit trail is append-only and SHA-256 hash-chained — each record is linked to the one before it, so altering or removing an entry breaks the chain and shows up on verification. Records capture the actor, IP and before / after values, and the whole trail can be exported to your SIEM.
Yes. The platform supports cloud, private-cloud, on-premise and fully air-gapped deployments, so it can run inside your own network — or with no external connectivity at all — while keeping the same access, audit and encryption controls.
External single sign-on — SAML / OIDC / LDAP — is on the Enterprise roadmap and not available yet. Today, two-factor is covered by per-user TOTP with one-time recovery codes and step-up re-authentication for sensitive actions.
The security foundations are included on every plan; multi-site and enterprise controls scale up with Professional and Enterprise.
SSO / SAML & SCIM are on the Enterprise roadmap and not available yet; air-gapped deployment is an Enterprise capability; TOTP two-factor is available on every plan today.
Book a 30-minute demo and we'll walk the roles, the audit trail, branch isolation and report verification — end to end, on a real workflow.