Deployment and security
Security is a shared system of application controls and operational controls
Kosstar CRM supports tenant-aware data access, authenticated users, roles, menus, data scopes, field rules, approval history and login logs. Secure operation also requires correct server, database, network, TLS, backup, monitoring, account and incident-response practices.
| Layer | Kosstar CRM control | Operational responsibility |
|---|---|---|
| Identity | Users, status, authentication and login records | Password policy, administrator accounts and access review |
| Authorization | Roles, actions, data scope and field rules | Least-privilege design and periodic testing |
| Tenant boundary | Tenant context and tenant-aware server queries | Configuration review and isolation testing |
| Infrastructure | Deployment-compatible application services | Host hardening, database security, TLS, firewall and patching |
| Continuity | Data export and application records | Backup policy, restore tests, monitoring and incident response |
No absolute-security claim
No software or deployment can guarantee zero risk. Security outcomes depend on the exact version, configuration, infrastructure, integrations, administrator actions and response procedures. A deployment should be assessed against the customer's threat model and compliance obligations.
Maintained by the Kosstar product team · Last updated: 2026-07-12