Security & Compliance

Enterprise-grade security built for MSP environments

DaemonLayer is designed for MSPs who manage data on behalf of other businesses. Every tenant is fully isolated. Every email and credential is encrypted at rest. Every action is logged and auditable.

Defence in Depth

Four independent layers of isolation and protection

Security at DaemonLayer is not a single feature: it is a stack. Each layer is independent. A failure in any one layer is contained by the others.

01
Complete tenant isolation

Every MSP's data is fully isolated. No query, no process, and no user can access data belonging to another tenant. This is enforced at multiple independent layers, not by convention.

02
Encryption at rest

Email content and credentials are encrypted before they are written to storage, using keys unique to each tenant. Your data cannot be read by another MSP on the platform, even in a worst-case scenario.

03
Credential protection

PSA and M365 credentials are encrypted on entry and never exposed again. They do not appear in logs, error messages, API responses, or support tooling, under any conditions.

04
No sensitive data in logs

Audit records capture what happened and who did it, never the underlying secrets. Passwords, tokens, and API keys are excluded from every log and error trace, by design.

Audit & Compliance

A complete audit trail for every action taken

Every ticket operation, triage decision, workflow execution, and authorization event is logged with the actor, action, resource, and outcome. The audit trail is append-only and scoped to tenant. Nothing is overwritten.

M365 change records include before-and-after field values. If a user's job title was changed by a workflow, the audit log records what it was and what it became, providing a traceable history without querying Microsoft directly.

Append-only
Audit records are never modified or deleted
Per-tenant
Audit logs are scoped and isolated; no cross-tenant visibility
Zero
Sensitive values (passwords, tokens, keys) written to logs under any conditions

GDPR Readiness

Designed for the regulatory environment MSPs operate in

MSPs process personal data on behalf of clients across multiple jurisdictions. DaemonLayer is built with that responsibility in mind.

Encrypted email content

All email content is encrypted with a tenant-specific AES-256-GCM key before it is written to the database. The plaintext is never stored. Decryption only occurs in memory during processing.

EU data residency

All AI processing runs on models deployed within EU data zones via Azure AI Foundry. Your ticket data does not leave the EU to be analysed, which is relevant for MSPs operating under GDPR jurisdiction.

Your data is never used to train models

Ticket content, client data, and user information processed by DaemonLayer are never used to train or fine-tune AI models, by DaemonLayer or by the underlying model providers.

Ready to see it in your environment?

A 30-minute walkthrough on your PSA setup. We show exactly what DaemonLayer would handle for your team, on your data, with no obligation.

No sales deck. No obligation. Live walkthrough on your environment.