Skip to content
Enterprise-grade security

Security designed for engineering operations

Overwatch is built as a Windows-first desktop platform with local-first processing for workflow execution, plus controlled cloud services where account and platform functions require them.

Local-first operations with explicit cloud boundaries.

Overwatch executes automation in the desktop environment by default. Platform services such as authentication, billing, and selected communications are handled through managed providers with clear responsibility boundaries.

Security Features

Built from the ground up with AEC security requirements in mind.

Local-first workflow processing

Core workflow execution runs on your Windows machine so operational data stays close to your delivery environment.

Encrypted Credentials

Stored credentials are encrypted at rest in the desktop application to reduce exposure risk for connected systems.

Controlled cloud connectivity

Local automation can run without persistent cloud processing, while account, licensing, billing, and selected integrations use managed cloud services.

Enterprise Identity (SSO)

Support for SSO patterns suitable for organisations that need centralised identity and access management. Integrate with your existing identity provider.

Audit Logging

Track workflow executions, user actions, and system events. Enterprise plans include comprehensive audit logs for compliance and governance requirements.

Secure Authentication

Authentication is handled through Auth0, a leading identity management platform. All data transmission is encrypted using TLS 1.3.

What We Do (and Don't) Store

We Store

  • Your email and name (for account management)
  • Subscription and billing status
  • License activation records
  • Service telemetry needed for product reliability and support

We do not store

  • Your project files or BIM models through this website
  • Workflow outputs or reports from your local workflows
  • Your credit card details (handled directly by Stripe)
  • Plaintext integration credentials in local app storage

Our Commitments

  • Core workflow execution is local-first in the desktop application
  • Optional cloud-connected capabilities include account, billing, email, and selected AI services
  • Stripe handles payment processing and payment card storage
  • Account deletion requests are supported through our support workflow
  • Privacy practices are governed by our published policy and Australian legal obligations

Questions about security?

We can discuss your delivery environment, security requirements, and provide supporting documentation for rollout planning.

Contact usPrivacy policy