Security
Corral Works is a tool that writes to your live Advance database. We've taken that seriously. Here's how it handles data, identity, and the things that go wrong.
Corral Works deploys into your institution's environment and connects directly to your Advance database. Constituent data doesn't leave your network to reach us, and we don't host a copy of it.
Staff sign in with the same institutional credentials they already use (Active Directory / SSO where configured). Their Corral permissions mirror the Advance security role they already hold — no parallel access list to maintain.
Every edit Corral makes to Advance is stamped with the user who made it, the timestamp, and the batch it belonged to. Audit records are queryable and exportable as CSV.
Bulk operations are grouped into named batches. If you discover a problem after the fact, the batch can be rolled back as a unit — without a custom corrective script.
Corral Works is one tool, not a replacement for your DBA, your backup strategy, or your existing change-control process. We're designed to fit alongside them, not under them.
We expect to fill out a security questionnaire — most schools have one. We'll work with your IT and information security teams on deployment, access reviews, audit-log retention, and whatever else your institution requires.
Have a questionnaire to send over, or specific concerns to discuss before a pilot? Email hello@corral-works.com and we'll route it to the right person.
This page describes our security posture in plain language. As the product moves through pilots we'll add a formal trust page with certifications and detailed control mappings.