Security

Security you can build a journal on

Manuscripts represent years of work and confidential peer review. Protecting them is a core part of how AuthXpress is built and operated.

How we protect your data

Encryption

Encrypted in transit & at rest

All traffic is served over HTTPS, and stored manuscripts and data are encrypted at rest by our infrastructure providers.

Access

Role-based access control

Every action is gated by explicit roles. Editors, reviewers and admins only ever see what their role permits.

Audit

Complete audit trails

Sensitive actions — decisions, downloads, proxy sessions — are logged with actor, time and context for accountability.

Isolation

Per-tenant separation

Each journal's data is logically isolated so information never leaks across titles or publishers.

Files

Capability-based file access

Manuscript files are served through short-lived, signed links scoped to a single object — never public URLs.

Resilience

Backups & recovery

Scheduled backups with tested restore paths protect against data loss, with safety snapshots before any bulk import.

Responsible disclosure

If you believe you've found a security vulnerability, we want to hear from you. Please email security@authxpress.com with details and steps to reproduce. We investigate every report and will keep you updated on our progress. Please give us a reasonable window to address the issue before any public disclosure.