Workhub is built on the Microsoft 365 security model you already trust. Your data doesn't leave your tenant. Your permissions aren't duplicated. Your governance isn't weakened.
Every item below is available for review by your security, compliance, or procurement team — documentation on request.
Your data stays in your M365 tenant. Workhub processes requests — we do not store your document content.
Every query respects existing SharePoint, OneDrive, and Teams permissions. Nothing is exposed that wouldn't already be.
Full respect for Microsoft Purview sensitivity labels and data loss prevention policies.
Every AI and agent interaction logged to your tenant's audit trail. Exportable, reviewable, SIEM-compatible.
Built to the standards your procurement team demands. Our security programme is designed around leading frameworks including ISO 27001 — documentation available under NDA.
Workhub respects your organisation's configured AI data-sharing preferences. If your tenant is set to opt out of training data sharing, we enforce that end-to-end. If it's not, model-default behaviour applies — you stay in control.
We work with firms in regulated industries — legal, financial services, healthcare, professional services — where compliance isn't a checkbox, it's a business requirement.
Our controls are built to satisfy the scrutiny of the most demanding information security reviews.
Security questionnaires, architecture documentation, penetration test summaries, and our full compliance package — available under NDA.