Admin Topics

Concierge Security

Learn about the security features of Concierge and how to configure and manage your Concierge account.


Concierge is a secure service. Concierge uses the following security features:

  • HTTPS for all communication
  • Role-based access control for all users
  • Audit logging for all actions
  • Encryption of all data at rest
  • Encryption of all data in transit

However, we recommend that you do not store sensitive data in Concierge. Sensitive data includes passwords and other credentials for your internal or cloud systems, credit card numbers, and other personally identifiable information.

Concierge is not a secure repository for sensitive data. Concierge is designed to store data that is not sensitive, such as service request information, and to integrate with other systems that store sensitive data.

If you need to store password credentials and other sensitive data, we recommend that you use a password manager or other secure repository.

Role-based Access Control

Concierge uses role-based access control to control access to the system. Users are assigned to roles, and roles are associated with permissions. Permissions control what users can do in the system.

The following roles are available in Concierge:

  • Account Owner: The account owner has full access to the Concierge account. The account owner can add and remove users, assign roles to users, and can change the account settings. This role is assigned to the user who created the account, but can be added to other users as well. Only the account owner can delete the account.

  • Account Admin: The account admin has full access to the Concierge account. The account admin can add and remove users, assign roles to users (but cannot grant the AccountOwner role), and can change the account settings.

  • Billing Admin: The billing admin can view billing information, but cannot change the account settings.

  • Deployer: The deployer can deploy service requests, but cannot change the account settings.

  • Reviewer: Users in the reviewer role are often tasked with reviewing service requests, although this function is not limited to Reviewer role holders. Users who hold the reviewer role, and the reviewer role only, are not required to have a paid Concierge license.

  • Creator: The creator can create service requests. By default, all new users will hold the Creator role; however, this role can be removed from users. Account owners, account admins and deployers can create service requests as well even though they may not hold the Creator role.