Identity and access
SAML SSO, SCIM provisioning, role-based access, enforced MFA through identity provider, and domain verification on Enterprise plans.
Security
RivetOps is built for teams that need to review workforce records, schedules, operational notes, customer windows, and audit evidence with practical controls before rollout.
SAML SSO, SCIM provisioning, role-based access, enforced MFA through identity provider, and domain verification on Enterprise plans.
TLS in transit, encrypted application databases and backups, export logs, configurable retention, and practical regional storage commitments.
Admin, integration, permission, assignment, escalation, export, and closeout events are retained for review.
Status page, incident process, customer notification commitments, encrypted backups, and documented recovery procedures.
Enterprise review
Confirm data categories, integrations, user roles, territories, and retention needs.
Provide security questionnaire responses, DPA, subprocessors, and architecture notes.
Review SSO, SCIM, permissions, audit logs, export controls, and incident commitments.
Confirm production access, support contacts, notification route, and operating owner.