Billing & Security

Security basics for administrators

3 min read

This article is a practical checklist. The full security overview lives at /security.

What to set up on day one

Pick a strong password and save it in a password manager. Do not reuse one from another system.
Invite only the people who actually need access. Use scoped roles — do not make everyone a Company Admin.
Review the users list every quarter. Remove people who have changed roles or left.
If you use the API, keep API keys in a secret manager. Never paste them into Slack or email.

Where your data lives

Application hosting: Vercel (US regions). Database: Supabase (US regions). Data in transit uses TLS 1.2+. Data at rest uses AES-256.

Getting a DPA or subprocessor list

Email security@dovamfg.com — we respond within two business days.

Related

Adding users and understanding roles
Invite your team and give each person a role that scopes what they can see and do. Five roles, from Company Admin to Viewer.

Still stuck?

Email us — we'll reply within one business day.

contact@dovamfg.com