Trust and Security
- Posted by CurtD
- On July 31, 2014
Reality by Chanting takes the security of our product and customers’ data exceptionally seriously.
- Security/Authentication: Reality by Chanting’s product, Oversing, is secured by SSL encryption and requires a secure password for login. We support OpenID and OAuth2 authentication, which can be tied back to an LDAP directory.
- Database Segregation: At present, Reality by Chanting creates a separate database for each organization that uses Oversing. User information is stored in the central database, and all other information is stored in the customer’s database. Oversing connects each user to their organization’s database when they log in.
- Administration: Oversing’s user and account model is built on a permission set where only those given specific Administrative rights on the account can invite additional users and manage the permissions, financial rates, and privileges of the other users on the account.
- Role Based Permissions: Oversing contains many low-level permissions for providing access to specific functionality. Users are granted very limited access by default. Users with administrative permissions can assign permissions to roles, then assign people to roles. Users can then perform any function that their roles have permission to perform.
- Project Based Permissions: By default, all project-specific collaboration, file sharing, and communication is visible only to users invited to participate in those projects, allowing administrators to control visibility and access. Users can be removed from projects, allowing the project administrator to take away their visibility into that project. However, those with administrative permissions can open visibility if it suits the organization.
- Object Based Permissions: Permission Roles, Groups of Users and Users can be granted access to every single object in the system, overriding more general permissions.
- Transparency: Organizations differ, and Oversing is designed to promote transparency. Users with Administrative permissions can therefore create a very closed or a very transparent organization. Reality by Chanting does not control the degree of transparency in Oversing – the customer’s users with Administrative Permissions do.
- User Sessions: User sessions are individually tracked and can be controlled by account administrators. Users can be disabled quickly, and kicked immediately from the system.
- Audit Trail: Oversing contains a full audit trail in standard accounting form, including batch IDs and hashes, that provides auditors with fully traceable transactions back to the individual user for the entire lifecycle of any entry. In the event that the detailed comments, workflow history, attachments, tasks, deliverables, or projects are deleted (“trashed”) to reduce storage size, or for legal reasons, the various detailed journal entries are preserved. Oversing’s user interface provides no method of altering the accounting entries either in the journals or the ledgers.
- Security Audits: Reality by Chanting is committed to performing annual internal and external audits of our software security to ensure that Oversing is SSAE 16 Type 2 Compliant, and both SOC I and SOC II Compliant with no exceptions.