How Solomon AI protects your church's data
All data transmitted between your browser and Solomon AI is encrypted using TLS 1.3. API communications use HTTPS exclusively.
Database backups are encrypted using AES-256 encryption. Production infrastructure runs in SOC 2-compliant data centers.
Session-based authentication with httpOnly secure cookies. Password hashing uses bcrypt with automatic migration from legacy algorithms. Google OAuth available for social login.
Role-based access control (RBAC) with four tiers: Platform Admin, Church Admin, Staff, and Member. Each role has granular permissions. Cross-tenant data isolation enforced at the database query level.
Hosted on Google Cloud Platform with Kubernetes orchestration. Automated health checks, container isolation, and supervisor-managed processes ensure high availability.
Administrative actions are logged to an immutable audit trail including user identity, action type, timestamp, and affected records. Accessible to church admins via the Audit Log page.
If you discover a security issue, please report it responsibly.
security@solomonai.us