Skip to main content

Security and Access

itsTrack is built so your data stays safe and each person sees only what they need.

On-premise: your data, your server

itsTrack runs on your own infrastructure. Your client data, job history, photos, and warehouse records stay on your server — not in a public cloud.

This matters if you:

  • Work with sensitive client information
  • Must follow data protection rules
  • Want full physical control over your records

Encrypted connection

Access to your server goes through a safe TLS tunnel. Data is encrypted in transit. Your operational data does not pass through public cloud storage.

You do not need to expose your server to the internet with a public IP or open firewall ports.

Role-based access

Each person in your company gets access only to what they need for their job.

Role typeTypical access
Admin / ManagerFull view of clients, jobs, warehouse, reports
Field workerAssigned jobs, client site info, forms, chat
Warehouse staffStock levels, material movements, equipment
Read-only / client portalLimited view via Magic Links — no login needed

This prevents accidental changes and keeps sensitive data protected.

tip

Set up user roles carefully when you first configure the system. It is easier to start with limited access and expand later than to fix permissions after a mistake.

Client access without login

When you send a Magic Link to a client, they can approve work or view a specific document without a full account. The link is secure and time-limited.

→ See Magic Links for details.

What stays local vs. what connects online

Stays on your serverUses secure online connection
Client recordsLicense validation
Job history and photosEncrypted access tunnel
Warehouse dataOptional domain SSL setup
User accounts and permissionsSystem updates

Your core business data always stays local.

Best practices

  1. Keep license files safe — Do not share license.json or installer.json outside your team.
  2. Use strong passwords — Require strong passwords for all user accounts.
  3. Review access regularly — Remove accounts when staff leave.
  4. Use custom domain with HTTPS — Gives your team and clients a trusted, encrypted web address.

Need help with security setup? Contact support@itstrack.net.