While JourneyApps takes every measure to make the platform secure, it is the application developer's responsibility to secure the application and integrations. This model is known as SSRM: Shared Security Responsibility Model. JourneyApps is responsible for protecting the platform that runs all the services that a customer makes use of. A customer's responsibility is determined by the components and features of the JourneyApps platform that they make use of. More information is provided below.
By default, applications in JourneyApps work on a single-tenant model, where every authenticated user has access to all data in the application. Even if the user does not have the ability to use the application to access data, an app's OnlineDB APIs expose access to all data in the deployment by default.
If greater isolation is required between data for different users, the following is required:
Configure sync rules to specify the data stored offline on devices.