Team & Security

Invite staff members to help manage your chamber. Go to Admin → Settings → Team to manage your team:

• Invite new team members by email
• Assign roles and permissions
• Remove access when staff leave
• View login activity and last active dates

Membicus has several built-in roles:

• Owner — Full access, billing management, can delete the organization
• Admin — Full access to all features except billing and org deletion
• Staff — Can manage members, events, and communications but cannot access settings
• Read-only — Can view data but cannot make changes (useful for board members)

Assign the minimum required role to each team member following the principle of least privilege.

Membicus supports two-factor authentication (2FA) using authenticator apps (Google Authenticator, Authy, etc.).

• Optional 2FA — Individual team members can enable 2FA from their profile
• Required 2FA — Admins can enforce 2FA for all team members from Settings → Security

When 2FA is enforced, team members who haven't set it up will be prompted to do so on their next login.

Membicus takes data security seriously:

• Encryption — All data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Row-Level Security — Database policies ensure tenants can only access their own data
• Audit logging — Key actions are logged for accountability
• Regular backups — Automated daily backups with point-in-time recovery
• SOC 2 compliant infrastructure — Hosted on Vercel and Supabase