Browse docs
Docs/Security

Security overview

How StudyBits protects your data — isolation, permissions, identity, and compliance.

StudyBits is built to be trusted with your company's knowledge. This page summarizes how your data is protected.

Tenant isolation

Every organization runs in its own workspace with isolated data and an isolated knowledge index. For stronger guarantees, choose a dedicated or in-your-own-cloud deployment, where your data never co-locates with another customer's.

Permission-aware knowledge

When StudyBits indexes a connected source, it also reads that source's permissions. The Assistant only ever surfaces content a person already has access to — connecting a source never widens who can see what. Permission changes at the source are honored.

The most important pre-launch check is to verify permissions as a test learner for every connector. See Indexing & learning.

Identity & access

  • SSO via SAML/OIDC against your IdP — your people use the credentials they already have.
  • Directory sync (SCIM) keeps users and roles in step with your directory and de-provisions immediately when someone leaves.
  • Role-based access governs what each person can do — see Roles.

Data protection

  • Encryption in transit (TLS) and at rest.
  • Least-privilege connectors — grant only read access to the content you want indexed.
  • Audit log of admin and access activity, under Settings → Audit.

Compliance

StudyBits supports the controls enterprise teams expect — SSO, directory sync, audit logging, data residency options, and granular permissions. For current certifications, data-processing agreements, and region availability, contact your StudyBits representative.

Connect with StudyBits, not the other way around

Your sources stay where they are. StudyBits reads what you connect, with the scope you grant, and you can disconnect a source at any time.