Engagement Command Center

	Client	Service Line	Team Lead	Status	Outcome	Revenue	Start Date	Target Date
Loading engagements...

	Name	Firm	Role	Specialty	Tags	Engagements	Contact Info	Health	Outreach
Loading contacts...

Name	Email	Company	Status
Loading...

Loading...

To	Subject	Scheduled For	Status
Loading...

Contact	Subject	Scheduled	Status	Sent At
Loading outreach log...

	From	Subject	Contact	Received	Actions
Loading…

New User

Full Name *

Email *

Password *

Role

Users

Name	Email	Role	Added
Loading…

Roles Explained

Admin

Full CRUD access. Can manage contacts, engagements, notes, outreach, SMTP settings, and user accounts.

Viewer

Read-only access. Can view all data, reports, and analytics. Cannot create, edit, or delete records.

Your Preferences

New Engagement Created

Get notified when a new engagement is opened

Engagement Status Changed

Get notified when an engagement's status is updated

Note Added to Engagement

Get notified when a meeting note, call log, or update is recorded

File Attachment Uploaded

Get notified when a file is attached to an engagement

Contact Linked to Engagement

Get notified when a contact is added to an engagement (off by default)

Weekly Digest Email

Monday 8AM ET — new engagements, status changes, stale alerts & outreach stats

🔐 Status Disabled

Compatible with Google Authenticator, Authy, 1Password, and any TOTP-based app.

Data Export

Download your data as CSV files or a full ZIP archive for backup and compliance

Individual Exports

Engagements

Status, service line, team lead, outcome, revenue, dates — loading…

Contacts

Firm, role, email, phone, linked engagement count — loading…

Audit Trail

Full change history — loading…

to (optional filter)

Email Templates

Reusable outreach templates with merge fields. Select a template when composing a campaign.

Your Templates

Merge fields available: {{contact_name}} {{first_name}} {{last_name}} {{firm_name}} {{title}} {{role}}

Business Continuity Plan

Infrastructure resilience, data protection, and recovery capabilities for vendor review

GlassRatnerOS — Business Continuity Overview

🗄️ Data Availability & Backup

Primary Database: Neon PostgreSQL with automatic continuous backup and point-in-time recovery (PITR). Data is replicated across availability zones with <1 minute RPO (Recovery Point Objective). Managed database service with 99.9% uptime SLA.
Application Export: Admins can download complete data snapshots as CSV files or a full ZIP archive at any time via this Settings page. Exports include all engagements, contacts, and the complete audit trail.
Recovery Time Objective (RTO): <4 hours for full service restoration from infrastructure failure. Database point-in-time restore is available for any point within the retention window.

🔒 Security Controls

Encryption at Rest

AES-256-GCM for all sensitive credentials (SMTP passwords). Neon PostgreSQL encrypts all data at rest by default.

Encryption in Transit

TLS 1.2+ enforced on all HTTP endpoints (HTTPS-only). Database connections use SSL. SMTP uses STARTTLS (port 587).

Access Controls (RBAC)

Role-based access: Admin (full CRUD) and Viewer (read-only). All write operations require admin role. API-level enforcement — not just UI hiding.

Authentication

PBKDF2 password hashing (100k iterations, SHA-512). JWT tokens (HS256) with 7-day expiry. TOTP multi-factor authentication with AES-256-GCM encrypted secrets, single-use backup codes, and rate-limited verification.

Session Timeout

Sessions automatically expire after 30 minutes of inactivity. Activity is detected via mouse, keyboard, and click events. Expired sessions redirect to login with a notification.

Account Lockout

5 consecutive failed login attempts triggers a 15-minute account lockout. Counter resets on successful authentication. Prevents brute-force credential attacks.

10 attempts per IP address per 15 minutes enforced at the network level. Independent of per-account lockout — protects against distributed credential-stuffing attacks.

📋 Audit Trail & Compliance

All create, update, delete, link, and file operations are logged with entity type, entity ID, action, field-level diffs (old/new values), performing user, and timestamp. Audit logs are immutable (append-only) and exportable as CSV for external review. The audit trail covers engagements, contacts, notes, attachments, and user management.

☁️ Infrastructure & Availability

Hosting: Render (SOC 2 Type II certified cloud platform). Auto-scaling web service with zero-downtime deploys via GitHub Actions CI/CD pipeline.
Database: Neon Serverless PostgreSQL — SOC 2 Type II, automatically managed, geographically redundant.
Deploy Process: All changes reviewed via pull requests before deployment. Automated migration runs on deploy. Rollback available via GitHub Actions in <10 minutes.

🚨 Incident Response

Severity 1 (service down): Response within 1 hour, target restoration <4 hours.
Severity 2 (degraded performance): Response within 4 hours, target restoration <24 hours.
Data Recovery: Point-in-time restore to any timestamp within the database retention window. Application-level CSV exports provide an additional recovery layer independent of infrastructure providers.

GlassRatnerOS — Confidential. For internal use and authorized vendor review only.

Command Center

Active Engagements

Professional Network

Email Outreach

Inbox

Add Note —

Settings & User Management

New User

Email Notifications

Two-Factor Authentication

Data Export

Email Templates

Business Continuity Plan

Task Pipeline

Save Current View

Command Center

Active Engagements

Professional Network

Email Outreach

Inbox

Link Reply to Contact

Add Note —

Settings & User Management

New User

Email Notifications

Two-Factor Authentication

Data Export

Email Templates

Business Continuity Plan

Task Pipeline

New Engagement

New Contact

SMTP Settings

Email Campaign

Create Campaign

Edit Campaign

Add Contacts to Campaign

Email Templates

Import Contacts

Link Contact to Engagement

Link to Engagement

Review Potential Duplicates

Save Current View