Unit
A named human owner for every agent. There is no unit without an accountable person.
Security & governance
Permissions by owner and group, encryption by design, immutable audit and operational practices to keep a fleet healthy. This page describes Kordana's product controls; it does not replace formal assessments or certifications.
01·Every object has a human owner
A named human owner for every agent. There is no unit without an accountable person.
Every node in the tree — domain, customer, process — has a human owner.
Budgets and rules inherit down the tree; the most specific policy wins and restrictions never relax.
02·Permission model
Permissions operate on units and groups, not on screens. A supervisor for one group cannot touch units in another; an auditor reads everything but executes nothing. Role changes are audited events.
| Role | Scope | Can |
|---|---|---|
| Unit owner | Unit | Edit the role, adjust limits, approve escalations, retire the unit. |
| Group owner | Group and descendants | Approve onboarding, move units between groups, set budgets, order a freeze. |
| Operational supervisor | Assigned group | Stop / play, take cases from the inbox, execute handoff, open incidents. |
| Auditor | Full read | Query the immutable log, export reports, verify retirement certificates. |
| Platform administrator | Tenant | Manage SSO, roles, connectors and global policies. No access to operational data. |
Enterprise SSO and SCIM provisioning planned for tenants with centralized identity requirements. Check availability on your plan.
03·Identity and access
Never a borrowed human credential. Each unit gets its NHI with a rotation date. The access profile is registered structurally in Design — system, permission, justification, approver — and used as the contract for provisioning and revocation.
Retirement certificate
No certificate, no retirement. The phase that eliminates zombie agents.
Target: 100% of units retired with a certificate. Live credentials post-retirement: 0.
04·Encryption by design
Kordana doesn't ask you to take our word for it: the cryptographic controls are part of the product architecture. This description reflects the service implementation and is not an independent certification.
TLS 1.2+ between browser, APIs, connectors and integrated frameworks. HSTS enabled on the domain.
AES-256 encryption managed by the infrastructure provider. Volumes, snapshots and backups included.
Unit credentials and connector tokens live in a dedicated vault, with versioned rotation per unit.
Logical data segregation per organization and row-level access controls for owners and groups.
05·Immutable audit
Every control action is written to the log, no exceptions — including those taken by automated policies.
| Timestamp | Actor | Action | Object | Justification |
|---|---|---|---|---|
| 10:42:03 | Ana Pérez · Supervisor | STOP | unit/collections-latam-07 | Spend threshold exceeded |
| 10:44:11 | Policy · budget-latam | DEGRADE | group/collections-latam | Daily budget at 95% |
| 11:02:37 | Ana Pérez · Supervisor | APPROVE | case/esc-8821 | Context verified with customer |
06·Operational best practices
Practices we recommend to teams operating agents in Kordana. They align with the data model and the product's levers.
01
Every unit starts with the narrowest possible access profile. Expanding it requires the owner of the accessed system to approve.
02
Budget, hours and action caps default to conservative during probation. They relax once the unit graduates.
03
When in doubt, pause the unit or the group. A freeze costs less than a deviation in flight.
04
Revalidate owners, live credentials and profiles against connected systems. Scheduled NHI rotation.
05
Every incident closes with findings linked to the unit and the next role version.
06
Without a retirement certificate there is no closure. The only way to eliminate zombie agents at scale.
Anti-pattern we eliminate
A unit informally retired that keeps live credentials or access. Phase 6 — verified retirement with a certificate — is exactly what eliminates it.
07·Integration levels
Inventoried
Exists with an owner and a group
Observed
Telemetry, health, alerts, scorecards
Controlled
Stop/play, limits, structured handoff
Managed
Full lifecycle, verified retirement
L2 enables operational control. L3 enables the full lifecycle with verified retirement.
08·Security contact
Report vulnerabilities or incidents to security@kordana.ai. We acknowledge within one business day.
Start free by inventorying. Move up to observation, control or management unit by unit.