BETA Hydrate is in beta. Register during beta and lock $5/mo Pro forever - free during beta + 1 month after v1 launches. Join the waitlist →
Legal / Compliance
← Compliance

Access review.

Who has access to Hydrate's production systems, how that access is maintained, and what happens when someone leaves.

Version 1.0 · Effective: 2026-04-24 · Owner: Seamus Waldron · Covers: SOC2 CC5 · Cadence: Quarterly

Resources in scope

Resource Access method Authorised users
Mac Mini production server SSH via Tailscale Seamus Waldron
GitHub sedasoft organisation GitHub account Seamus Waldron, David Bosdet
Cloudflare account (gethydrate.dev) Cloudflare web UI Seamus Waldron
1Password (secrets) 1Password account Seamus Waldron, David Bosdet
GitHub Actions secrets (signing certs, VSCE_PAT) Via GitHub Actions Seamus Waldron
OpenAI API key (production extraction) Environment variable on Mac Mini Seamus Waldron

Quarterly review procedure

Conducted at the end of each quarter, target same week as post-market surveillance review.

1
List current access
For each resource in scope, confirm who currently has access by checking the platform directly.
2
Compare against current team
Verify that only active contributors with a legitimate need have access. No ex-members, no dormant accounts.
3
Revoke stale access
Remove access for any former contributors or accounts no longer needed.
4
Verify least-privilege
Confirm that roles grant only the permissions required. GitHub collaborators with read-only need should not have admin access.
5
Rotate secrets
Rotate any credentials that have not been rotated within the past 12 months.
6
Record the review
Append a record to the private review history document: date, reviewer, changes made, credentials rotated, open items.

Offboarding trigger

When a contributor leaves, the following steps are taken immediately, not deferred to the next quarterly review:

Remove GitHub organisation membership within 24 hours
Remove from 1Password vault
Remove SSH access (revoke key on Mac Mini if applicable)
Rotate any credentials they had access to
Document the removal in the access review history

Enterprise

For Enterprise deployments, customers are responsible for their own access review on the infrastructure they manage. Sedasoft does not hold administrative access to customer-managed infrastructure.

For team features (Hydrate team sync), the team manifest defines manager emails. Managers are reviewed quarterly by the Enterprise account holder and can be updated via the manifest.

Review history

No completed reviews yet. First review due Q3 2026.
← Risk Assessment All compliance docs →