Skip to content
CCohessra
Book a Demo

Authorized User Policy

This policy describes who may access Cohessra systems and how credentials and access are expected to be managed by customer organizations.

Last updated: Feb 2, 2026Version: v0.1Draft policy
This policy describes expected access governance at a high level. Customer organizations remain responsible for provisioning, offboarding, and internal access review.

Who may access the system

Access is intended for authorized individuals associated with a customer organization, based on their role and responsibilities.

Customer administrators are responsible for ensuring that only appropriate users are granted access, and that access is removed when it is no longer needed.

Credential handling

Users should keep credentials confidential and must not share accounts. Shared credentials make auditing and accountability difficult and increase security risk.

Where multi-factor authentication (MFA) is available, organizations should adopt it for users with access to sensitive workflows.

Acceptable use

Users must use Cohessra systems in a way that is lawful and consistent with customer policy and applicable agreements.

Customers should not upload or transmit content that they are not authorized to share, including third-party confidential information without permission.

Offboarding and access removal

When a user changes roles or leaves an organization, access should be updated or removed promptly.

Organizations should regularly review user access and permissions to ensure least-privilege principles are maintained.

Reporting suspected compromise

If an account compromise or suspicious activity is suspected, organizations should act quickly to revoke access and contact Cohessra Support.