top of page

Security

NavigatorCRE is a SOC 2 Certified, multi-tenant SaaS platform, built for Commercial Real Estate (CRE) industry professionals to store, manage, filter & report on their data. NavigatorCRE is built using modern web technologies & is hosted on Microsoft’s Azure infrastructure. This web application & database are stored in discrete locations & secured using industry best practices. Enterprise grade company & data security utilizing Auth0 + SSO + AD, Azure hosted data encrypted in motion & at rest in SOC 2 certified 3 tier layered platform.

Portfolio

Real Intelligence

soc2.png
padlock.png

SOC 2 Compliant Platform with Enterprise Grade Security

This overview explains the multiple security measures taken to protect your critical data:

  • A flexible permission & access model allows clients to precisely control the information available to each user.

  • Robust account protections that ensure only authorized users have access to the platform.

  • Technological and managerial safeguards NavigatorCRE has deployed to further protect your data.

​We know that data is mission-critical to the success of your business, the NavigatorCRE platform is designed to make your data simultaneously accessible & secure.

​​

Rich Permission Model

Administrators control access to their portfolio information via the NavigatorCRE's administration interface, which allows them to add & remove users, & set individual user permissions & access rights on a per-asset basis. Permission Levels Admins set one of three different permission levels for each user on a given asset: Administrator, Read-Write, Read-Only
 

Access Rights
NavigatorCRE’s underlying data schema allows for the creation of employee groups that can be used to restrict access to certain data types inside the application. Data sets are restricted to the specific teams within each corporate account.

 
Application Security
NavigatorCRE implements many security features to protect against unauthorized access to your account:

  • Navigator is build using industry standard 256 bit SSL & HTTPS encryption to ensure the security of data in transit as well as all authentication information.

  • User access to the application is governed by an Auth0 authentication scheme to encrypt each users credentials when accessing the application. Auth0 includes SSO, MFA, OKTA & SAML.

  • Token based authentication is utilized to enable easy access via the “stay logged in” option from a browse.  Tokens are set to expire expire every 7 days & then require the user to enter their full credentials.

​

Data Security

NavigatorCRE utilizes a range of technology safeguards to protect your data:

  • Access to data storage is restricted by the firewall & only allows traffic originating from the IP address of the web application server.

  • All customer datasets are stored in separate MongoDB collections.

  • Azure SQL Database is also used to store data & utilizes data at rest encryption.

  • Connections from the application to the database are encrypted using SSL data transit protocols.

  • Any administrator or user with access to Navigator’s Azure Subscription is required to utilize Multi-Factor authentication for additional data and application security.

  • The MongoDB Atlas database is hosted via mLabs Azure hosting services in a dedicated cluster environment for high security, data redundancy and high availability. Read more about mLab’s security.

​

Summary

If your organization requires a more detailed presentation of NavigatorCRE's security framework please contact your account manager or infosec@navigatorcre.com.

bottom of page