Security overview
Opsflw Connect applies a security-first operating model for managed applications on Azure.
Security principles
- Least-privilege access for users and service identities
- Role-based access control for customer and operator responsibilities
- Controlled operational change through approved workflows
- Monitoring and response processes for security-relevant events
End-user expectations
As an end user, you should expect:
- Access based on assigned role and approved business need
- Authentication and authorization controls aligned with enterprise policy
- Security updates applied through planned platform operations
Shared responsibility
Opsflw manages platform and service security controls.
Customers remain responsible for:
- User governance in their organization
- Correct use of assigned permissions
- Internal policy compliance for data and access usage