Security
Last Updated: February 2026

Security Controls Built into Aurora Command

A practical breakdown of the controls buyers ask about. Covers access controls, MFA, audit trails, retention controls, encryption, and controlled sharing through Trust Center.

Get a 15-Minute Walkthrough Request Trust Center Access
No obligation. We’ll map these controls to your buyer questionnaire.

Identity and Authentication

  • Supports MFA (TOTP) for user accounts.
  • Supports passkeys / WebAuthn where enabled.
  • Sensitive actions may require step-up verification (where enabled).
  • If you need SSO/SCIM details, request Trust Center access.

Role-Based Access Control

  • Role-based permissions limit who can view, edit, approve, and export.
  • Approval workflows create attributable change history.
  • Separate operator and viewer concepts (buyers/auditors are not operators).

Audit Trails and Exports

  • Program actions are logged (create/update/export/share).
  • Trust Center sharing includes exportable access logs.
  • Logs can be exported in reviewer-friendly formats.

Integrations and Credential Scope

  • Aurora Command prefers least-privilege access where supported.
  • Read-only integrations are preferred when possible.
  • When elevated scope is required, permissions are documented and reviewed during setup.
  • You control collection cadence.

Data Retention and Deletion Controls

  • Aurora supports retention and deletion controls designed to prevent accidental loss of proof.

Encryption and Platform Hardening

  • Encryption in transit (TLS).
  • Encryption at rest.
  • Secure sharing controls for exports.

Controlled Sharing Through Trust Center

  • Verification and agreement gates.
  • Deal rooms / curated exports (plan-based).
  • Exportable access logs.
Request Trust Center Access

Procurement

Procurement Requests

If your buyer needs formal documents (DPA, subprocessors, security overview), request Trust Center access.

If procurement or a customer asks for security documentation, we prefer sharing through the Trust Center so access is attributable and time-bound.

Request Trust Center Access Get a 15-Minute Walkthrough

FAQ

Security Questions

Do you sell personal information?

No. Aurora Command does not sell personal information.

Can we get a security overview and subprocessors list?

Yes, through Trust Center access where you control distribution.

Do you guarantee security outcomes?

No. Aurora provides controls and auditability to reduce risk and make reviews defensible.

Next step
Want to map these controls to your buyer’s questionnaire?
We’ll map these controls to your buyer questionnaire and show exactly what a reviewer can verify.
Get a 15-Minute Walkthrough Request Trust Center Access
No obligation. We respond within one business day. We will show a sample reviewer-ready export.