.svg)
This page is the starting point for understanding how Enpass is designed, secured, and governed. The documents below cover Enpass's architecture, security model, compliance posture, and component-level detail.
Architecture
Data Sovereignty and Distributed Architecture
Explains how Enpass distributes vault data across your own trusted environment and Enpass infrastructure to ensure zero-knowledge security and data sovereignty without requiring self-hosted servers. Covers the key components — Enpass App, business cloud storage, Enpass Hub, and the License Server — and how they interact.
Security
Enpass Security Whitepaper
A comprehensive technical reference covering Enpass's security principles, vault encryption, sync model, and Enpass for Business. Includes detailed documentation of Enpass Hub's authentication flows, key generation and storage, and cryptographic primitives.
Enpass Hub – Data Storage & Security
Component-level documentation for Enpass Hub. Covers what Enpass Hub is, where it fits in the distributed architecture, what data is stored on it, how zero-knowledge and data sovereignty are preserved, and compliance coverage.
Security of Your Data on Microsoft 365
Explains how Enpass protects vault data within your Microsoft 365 environment. Covers data sovereignty, zero-knowledge encryption, how sync works securely over Microsoft Graph APIs, and what Microsoft 365 does and does not have access to.
Compliance & Assurance
Enpass Compliance & Assurance
Covers Enpass's certifications and audit validations, including ISO/IEC 27001:2022, ISO/IEC 27701, SOC 2 Type II (all five Trust Services Criteria), TISAX, and GDPR alignment. Also covers security governance, privacy governance, and operational security practices.
For certification details, audit reports, and downloadable compliance resources, visit the Enpass Trust Center.