Guide Vantage · 1 min read

Yes. Fulcrum provides a complete security architecture document in Phase 1 that your IT director can review before Vantage goes live, covering data flows, system security posture, access controls, and data retention.

Can my IT director review the security architecture?

Yes. Fulcrum provides a complete architecture document during Phase 1 that describes every data connection, every system that touches client data, the security posture of each, and the data flow between them.

Your IT director can review this document before the system goes live and raise any questions or concerns. If the security posture does not meet your requirements, we work through the gap before connecting any data.

What the architecture document covers

Data flow diagram. Every system Vantage connects to and how data moves between them: CRM to Vantage pipeline, enrichment sources to Vantage, Vantage to CRM output fields.

Security posture of each component. Supabase SOC 2 Type II certification, Vault encryption for credentials, access control model for Fulcrum service accounts, tenant isolation architecture.

Access control documentation. Who can access what, under what conditions, and what the revocation process looks like at engagement end.

Data retention policies. How long Fulcrum retains access logs, what is retained vs. deleted at offboarding.

What your IT director can ask about

Anything.

Common questions include:

  • Specifics on encryption at rest and in transit
  • Supabase SOC 2 documentation (available directly from Supabase)
  • Service account permission scope
  • Whether a penetration test has been run
  • Incident response procedure

Fulcrum will provide specific, factual answers to technical security questions. If a question exposes a gap that needs to be addressed before the engagement proceeds, we say so. The goal is a security posture your IT team can stand behind, not a sales conversation about how secure the system is.

If your IT team has specific requirements

Name them before the engagement starts. Examples include:

  • HIPAA BAA
  • Specific data residency requirements
  • Network-level restrictions
  • Particular certification requirements

Most can be accommodated; some cannot. It is better to find out before data is connected than after.

---

Connected questions:

  • Where does my data live and who can access it?
  • Is Vantage HIPAA compliant?
  • What does my IT team need to set up for Vantage?

Related: Where your data lives · Is Vantage HIPAA compliant · What happens to data if you cancel

More in Vantage

What is Vantage and who is it for?

Vantage is a business intelligence system that scores and ranks your pipeline using your own evaluation standard, not a generic AI model. It is built for relationship-driven firms where deal judgment lives in one person’s head and losing that person would stall growth.
What problem does Vantage actually solve?

Vantage captures and scales the unwritten qualification standard in a sales leader’s head so the whole team can consistently prioritize the right accounts, without routing every decision back through that leader.
How is Vantage different from a knowledge base we could build in Notion or Guru?

The honest comparison. What Notion and Guru do well, where they fail, and why the distinction between a documentation tool and an intelligence layer matters more than it sounds.
Will my team actually use Vantage, or will it sit unused like our last knowledge base?

The adoption graveyard is real. Here is why it happens with traditional tools, what Vantage does differently, and what to actually expect from your team in the first 90 days.
See all Vantage articles →

Ready to move

One call. No proposal required before we talk.

Start the conversation

Was this article helpful?
← Knowledge Library All Vantage →