SECURITY

Security and trust posture

ODCubed is designed for role-aware freight planning, provider boundaries, and customer-safe output review.

Role-Based Access

Owner Admin, Customer Admin, and Customer User permissions are enforced for workspace navigation, admin controls, exports, billing, and Planning Agent actions.

Tenant Isolation

Workspace records are scoped to account context. Owner Admin can review platform-level readiness, while customer users remain constrained to their account workflow.

Upload Safety

CSV is the recommended secure import format. XLSX upload parsing is disabled by default and must be enabled through an explicit feature flag, because workbook parsing processes untrusted, user-supplied files.

Production Credentials

Production Cognito, Stripe, S3, DynamoDB, email, analytics, and observability credentials must be configured through approved secret management before launch. ODCubed does not claim SOC 2, ISO, HIPAA, or other formal certification unless separately completed.