Core Custodian
Security

Built security-first — by a cybersecurity professional.

You're trusting Core Custodian with your operational and financial data. Here's why that trust is well-placed — in plain language, no jargon.

Core Custodian was engineered security-first — not built fast and secured later. The assumption is always: this data is sensitive, protect it by design, then verify the protections actually hold. Security features weren't just built; they were adversarially tested to confirm they can't be bypassed.

The six things that matter to you

Whatever your store count, every account is protected by the same design.

Your data is walled off

Many operators use the platform, but the architecture makes it impossible for one operator's data to reach another's — a hard structural rule, with a deliberate safeguard that prevents onboarding in any way that could weaken it. Your books, leases, and equipment are yours alone.

People see only what they should

Access is scoped by role — a store employee sees their store, a supervisor their assigned stores, you and your admins everything. And it fails safe: a misconfigured account gets nothing, never accidentally everything.

Offboarding truly removes access

Disable an employee and their access is genuinely severed — credentials scrubbed, sessions ended, no lingering "ghost" access. Bring them back and they get fresh credentials, not old ones revived.

Nothing is silently deleted

Deletion is a record-preserving, audited transition — you keep a full history and audit trail while archived items cleanly leave active views. Every significant action is logged: who, when, and from where.

Credentials can't leak into logs

Passwords, tokens, and reset links are prevented from ever ending up in system logs — one of the most common ways data leaks happen. The safeguards fail safe: when in doubt, hide it.

Consistent under real-world load

When multiple people act at once, the system is engineered so operations can't corrupt each other or leave your data in a broken state. That reliability is what makes your numbers trustworthy.

The short version: Your data is walled off, access is scoped and fails closed, offboarding truly removes access, nothing is silently lost, credentials can't leak, and the system stays consistent under load — all designed by a security professional and verified, not assumed. Security wasn't a checkbox. It's how the whole thing was built.

Accessing your account

Two-factor authentication is required, and inactive sessions time out and require re-authentication — with tighter limits on the higher-privilege roles that can see financials. The in-store scan station uses a store-scoped PIN that re-authenticates on idle, so an unattended device can't be misused. These controls are aligned to NIST authentication guidance.

Questions about security?

We're happy to walk through the details with your team.