SECURITY
Your data. Your building. Your keys.
PlantStacks installs on one machine inside your own network and never phones home. Nothing leaves your premises, no third party holds your records, and every safeguard is on the day you switch it on. Security here isn't an add-on tier — it's how the product is built.
Self-hosted · Offline-verified licensing · Secure by default
Built secure, by default
No hardening checklist to work through and no expert required. These protections ship enabled out of the box.
TLS everywhere
Every connection between a staff PC and the server is encrypted in transit over TLS — across the office or across the warehouse floor. Credentials, stock counts, and files never travel the LAN in the clear.
Role-based access, deny by default
People see only what their role allows. New accounts start with nothing and you grant access deliberately, so a misconfiguration locks people out rather than exposing data it shouldn't.
Two-factor login
Protect accounts with an authenticator app on top of a password. Require it for everyone or for sensitive roles — a stolen password alone is no longer enough to get in.
Tamper-evident audit log
Every meaningful action is recorded in a hash-chained log. Each entry seals the one before it, so any attempt to edit or delete history breaks the chain and shows. You get a trustworthy record of who did what, and when.
Encryption at rest
Your database and stored files are encrypted on disk. If a drive or backup is ever lost or stolen, the contents stay unreadable without your keys.
One exposed surface
Only the application is reachable from the network. Internal services — the database, background workers, and caches — stay private to the machine and are never published to the LAN, shrinking the attack surface to a single, hardened door.
Offline & air-gapped operation
PlantStacks runs fully offline. Put it on an isolated network with no internet at all and every feature still works — ideal for sites with strict separation requirements.
No phone-home
The software never calls out to us. Licenses are verified locally, telemetry is off, and there's no background channel to a vendor cloud. What happens on your machine stays on your machine.
Automatic encrypted backups
Scheduled backups run on their own and are encrypted before they're written. One-click restore brings everything back, so a bad day stays a small one.
Secrets generated at install
There are no shared default passwords or keys to forget about. Every install generates its own unique secrets at setup time, so no two deployments share credentials — including yours and ours.
How licensing stays private
Your license is a cryptographically signed file. When you activate, PlantStacks checks the signature against a built-in public key right there on your server — entirely offline. Nothing about your business, your usage, or your data is ever sent back to us to "check in."
Because verification happens locally, the software works the same air-gapped as it does online. And expiry never destroys data or locks you out of login — a lapsed license simply pauses paid features until you renew, with everything intact.
Read the details
Everything above on a single page you can forward to IT, security, or a customer's auditor.
Have a compliance requirement?
Air-gapped deployments, perpetual licensing, single sign-on with your IdP, and audit needs — tell us what your reviewers ask for and we'll walk you through how PlantStacks meets it.
Talk to us about your compliance needs