Security & Compliance

AD Unlock is designed with enterprise security requirements in mind.

Security Principles

Zero Trust

Every request requires identity verification
No implicit trust based on network location
All operations logged and auditable

Defense in Depth

Multiple layers of security controls
mTLS for connector authentication
Encryption for sensitive data
Row Level Security in database

Least Privilege

Service account has minimal required permissions
Denied groups block privileged accounts
Connector can only perform allowed operations

Security Topics

Security Architecture Certificates & mTLS Data Privacy Audit Logs

Quick Facts

Aspect	Implementation
Transport	TLS 1.3, mTLS for connectors
Authentication	OAuth2/OIDC (Azure AD/Google)
Encryption	AES-256-GCM, RSA-OAEP
Data Isolation	Row Level Security (PostgreSQL)
Audit Trail	Immutable, tamper-evident
Password Handling	Never stored, email-only delivery

Compliance

AD Unlock supports compliance with:

SOC 2 Type II
ISO 27001
GDPR
LGPD

Contact support@adunlock.me for compliance documentation.

Last updated on January 26, 2026

Settings Reference Security Architecture