Frequently Asked Questions
      Back to home
      1. Home
      2. Frequently Asked Questions

      What levels of access do you have?

      No Direct Access Policy

      At Spendbase, we have implemented a stringent policy where no one, including our customer support and customer success departments, has direct access to the production database or to any customer's Spendbase accounts.

      1. System-Level Access:

      • Limited Access: Only a select few highly authorized engineering personnel have system-level access, and it is strictly regulated. This access is only granted when absolutely necessary, and under stringent supervision, ensuring that it is used solely for maintenance or urgent security matters.
      • Audit Trails: All access to system-level resources is logged and monitored, providing an audit trail that ensures transparency and accountability.

      2. Customer-Level Access:

      • Customer Control: Customers have full control over their own accounts and the data within them. Spendbase provides the tools needed to manage access internally, allowing account administrators to set permissions for their team members according to their roles.
      • Role-Based Access Control (RBAC): Spendbase employs RBAC to ensure that users only have access to the information and functions that are necessary for their role within the organization. This helps prevent any unauthorized attempts to access sensitive data.
        So, no-on even from customer team members (other than Team Admin) has access to Spendbase account unless granted manually by Team Admin (assigning role and sending invite)

      3. Support-Level Access:

      • Indirect Assistance: Our customer support and success teams provide assistance through tools that do not require direct access to customer accounts or databases. When support is needed, we use secure, controlled, and logged methods to troubleshoot issues without compromising the integrity of customer data.
      • Support Protocols: All interactions are governed by strict protocols to ensure that customer information remains confidential and secure.

      Security Measures and Protocols

      • Regular Security Audits: Spendbase regularly conducts comprehensive security audits to ensure that all access levels are appropriately secured and that there are no vulnerabilities.
      • Continuous Training: All employees at Spendbase undergo continuous training on the latest security practices and data protection laws to ensure they are equipped to handle data responsibly and securely.