Security
Security you control
Autonomous IT support only works if you trust the guardrails. SuperIT is supervised by default, fails safe to approval, and logs every proposal and execution. You define what runs without a human.

Security controls
Supervised by default
Pilots start conservative: read-only diagnostics, internal notes, engineer-driven. Autonomy expands only as you switch it on, at the pace you are comfortable with.
Inherits the user's permissions
The agent acts as the signed-in user it is helping. It can never do something that person couldn't do themselves. Targeting admin accounts is rejected outright.
Allowlist & blocklist controls
You define exactly what the agent is allowed to do. Everything else is off-limits by default. Anything unrecognised fails safe to "needs approval", never to "run it".
Approval workflows
Sensitive actions require explicit sign-off. Nothing high-risk happens without a human saying yes.
Isolated tenants
Every customer runs in an isolated tenant with per-device credentials. One client's data can never bleed into another client's responses.
Full auditability & alerts
Who did what, when and why: every proposal, policy check, approval and execution is logged. Get alerted when sensitive configuration, like global admin, changes.
Encrypted, end to end
Our RMM agent meets industry-leading security standards. All data between device and backend is encrypted in transit and at rest.
Your data stays portable
Export your data in a usable format at any time. No lock-in, ever.
Data handling
No shared model training
Customer data is used to deliver the service, not to train public models.
Isolated tenants
Each client runs in an isolated tenant with per-device credentials.
Encrypted and portable
Data is encrypted in transit and at rest. Export your data anytime.
Data residency
Deployment options for data-residency requirements are scoped on enterprise plans.
Common questions
How can you safely let an AI run commands on our machines?
Can we lock specific things away from the agent, even from ourselves?
Can the agent be tricked or manipulated into doing something it shouldn't?
How is our data handled?
We're an MSP. How do you keep each client's data separated?
Where is our data hosted? Can you meet data-residency requirements?
Do you have security certifications?
Ask us the hard questions
Security is how the product is built. Book a demo and walk through allowlists, approvals and audit with your CTO.