Production environment / provider credentials, consent, assets, and UAT status must be verified before launch

Security

Security posture and roadmap for FireGridOps.

A working security overview for the FireGridOps marketing site and the future FireGrid app connection. This page distinguishes current placeholders from roadmap controls.

Contact SecurityTrust Center

Security status

This page is a working placeholder. It should be updated to match the actual production hosting, app architecture, data stores, vendors, authentication model, and incident response program before launch.

Currently live

Marketing-site controls are separate from future app controls.

FireGridOps.com is currently a marketing website with placeholder lead capture and placeholder authentication pages. Real account access, production data storage, app permissions, and FireGrid app security controls are not implemented in this site yet.

Live foundation

  • Static marketing pages, legal placeholders, trust messaging, and consent-gated analytics placeholders are implemented.
  • Contact, demo, newsletter, and resource workflows validate required fields and return mock responses.
  • Auth pages are placeholders only and do not create users, store passwords, or protect routes.

Authentication

Future FireGrid app authentication should include secure account creation, password management, OAuth or SSO options, session controls, and administrative enforcement.

Encryption

Production deployments should document HTTPS, encryption in transit, database encryption, secrets handling, backup protection, and provider-specific controls.

Access control

Future product access should support company, branch, department, role, and project-level permissions for operations, design, engineering, manpower, AI, inspections, service, and reports.

Audit logging

Future audit logs should cover account events, permission changes, project updates, document activity, AI review actions, integration events, and administrative activity.

Vendor and integration security

CRM, analytics, email, hosting, monitoring, ERP, BIM, inspection, and service integrations should use reviewed vendors, scoped credentials, and documented data flows.

Incident response

Production operations should define escalation paths, responsible owners, communication templates, investigation steps, remediation procedures, and customer notification rules.

Responsible disclosure placeholder

Security reports need a verified channel before launch.

Placeholder contact: security@firegridops.com. This address and the response process must be verified before production use.

Ready for the next step

Preparing for secure enterprise deployment.

Enterprise security questions can route through the contact workflow until a formal security review and disclosure process is live.

Contact SecurityVisit Trust Center