Isolation
Each customer buys a named product instance. Commercial records, access metadata, and lifecycle state do not collapse into a shared tenant view.
BayStore's security posture starts with separation: public marketing, customer dashboard, operator console, API, payment adapters, and runtime mutation stay behind declared boundaries.
Operator actions are recorded with correlation identifiers so commercial and runtime events can be reconciled.
Failed, suspended, and deleted states remain explicit. Recovery is an operation, not an overwrite.
sandbox_placeholder boundary - checkout, authentication, and runtime mutation are not production-wired. Production controls require a separate configuration and deployment step.

| Area | Marketing commitment | Production dependency |
|---|---|---|
| Public site | Self-hosted static assets, no third-party scripts loaded by default, optional first-party-proxied analytics after consent, and no public console link. | CDN, TLS, and cache policy at deployment. |
| Checkout | Checkout remains sandbox_placeholder; this public site does not charge cards or configure production provider billing. | Provider-approved Stripe and PayPal production configuration. |
| Authentication | Sign-in and signup are entry pages, not a production identity provider. | Production auth provider, sessions, secrets, and authorization policy. |
| Runtime actions | Operator actions are recorded by the API; production runtime mutation remains deferred. | Worker-backed runtime mutation and production cluster operations. |
BayStore does not currently claim SOC 2, ISO 27001, HIPAA, PCI DSS, or other third-party compliance certification. Any future certification or service commitment needs approved evidence before publication.