# Security at Oobeya

In Oobeya security is **our highest priority**. See below for information about the security policies and practices of Oobeya. If you have any questions about security, please contact us at <https://oobeya.io/contact/>&#x20;

<div align="left"><figure><img src="/files/v22HlnUr9hotkNxTHAZh" alt="" width="375"><figcaption><p>ISO 27001 Information Security <br>(the leading international standard focused on information security)</p></figcaption></figure></div>

***

## Product Security

* Single sign-on (SSO)
* LDAP / Active Directory integration
* Strong password policies (complexity standard, encryption, password reset procedure)
* Role-based access control (RBAC)
* Principle of least privilege (PoLP)
* User-based & team-based privacy configuration
* Cross-Origin Resource Sharing (CORS)
* Audit logging

## Organization Security

* ISO 27001 Information Security (the leading international standard focused on information security)
* Information security training and awareness program for employees
* Employee Confidentiality Agreement
* Centralized endpoint protection
* Security practices as a part of the Software Development Life Cycle
* Application Security Testing (AST)
* Policies & procedures implemented based on ISO 27001 Information Security

***

View the below page, to get more information about Oobeya Managed SaaS (Cloud) Security:

{% content-ref url="/pages/54C5cQ07LMXeTYUrtN7O" %}
[Oobeya Managed SaaS](/security/oobeya-managed-saas.md)
{% endcontent-ref %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.oobeya.io/security/security-at-oobeya.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.