# Konvex — Security

## Authentication
- Google OAuth SSO on Pro
- Role-based access control (admin, editor, viewer)

## Data Protection
- Encryption in transit (TLS)
- Server-side query execution with parameterized queries (prevents SQL injection)
- Credentials stored separately from application data

## Hosting
- Konvex Cloud hosted on managed infrastructure
- Automated backups

## What we don't have yet
- SAML/OIDC SSO
- SOC 2 certification
- HIPAA compliance
- Self-hosted deployment
- Audit logging
- Air-gapped deployment

These are on our roadmap. If your team has strict compliance requirements, Retool or Appsmith may be better options today.