Security and control

Private by design.
Controlled by you.

Zero-8 is built around defined access, isolated account data, revocable connections, and explicit action boundaries. Argus receives the access required for the configured operating scope—not undefined authority over the business.

Connections

Access begins with permission.

Connected systems use permissioned authorization — Google and Microsoft accounts connect through their own sign-in, never by sharing a password with Zero-8. Connection credentials are stored encrypted, and you can review and revoke supported connections from inside the product at any time.

Isolation

Customer accounts remain separated.

Zero-8 uses multi-tenant infrastructure with account-level data isolation enforced at the database layer. Data and operating context from one customer are not exposed to another customer's Argus experience.

Action authority

Proactive does not mean undefined authority.

Argus may observe, recommend, draft, queue, or complete an action depending on the rule explicitly configured for your account. Consequential actions remain in review unless you authorize a defined automation boundary.

StateMeaningYour control
ObserveRead a permitted source and surface informationConnection can be revoked
RecommendSuggest a next stepNo external action taken
DraftPrepare content or actionHeld for review
QueuePlace action in an approval or scheduled stateYou can edit, approve, or cancel
CompleteExecute within an explicitly approved ruleLogged with timestamp and outcome

Assessment status

Independent assessment, stated plainly.

Zero-8 OS completed the Google-required CASA Tier 2 security assessment in July 2026 through TAC Security, an authorized assessor. The independent scan reported zero vulnerabilities, and the Letter of Validation was submitted to Google on July 17, 2026. Google's confirmation of the submission is pending and will be reflected here. CASA status is revalidated on an annual cycle.

Security contact

Questions about access or data handling?

To report a security concern or ask about Zero-8’s data handling, contact eamon@zero-8.io. Include enough detail to identify the affected account or connection without sending passwords or other authentication secrets.