Encryption at rest
All sensitive data is encrypted at rest using AES-256-GCM, including channel tokens, instance configurations, and message logs. Encryption keys are managed by Operator and are not accessible to operators or end users.Container isolation
Each instance runs in its own Azure Container App with a separate process, filesystem, and network. Instances cannot communicate with each other. There is no shared state between instances at the infrastructure level.Storage isolation
Instance data is stored in per-instance Azure Files volumes. Configuration files, workspace skills, and runtime data are scoped to each instance. One instance cannot access another instance’s storage.Database isolation
All database queries are scoped by user. Instance records, channel configurations, billing data, and usage metrics are partitioned so there is no cross-user access.Managed infrastructure
Operator manages all infrastructure credentials and secrets for your instances. You never need to handle Azure credentials, encryption keys, API secrets, or database connection strings. Everything is injected by the platform during provisioning.Next steps
- Instances — How instances are provisioned and isolated.
- Plans & Billing — Subscription lifecycle and data retention.
- Channels — How channel tokens are managed.